Abstract

This paper characterizes all the factorizations of a polynomial with coefficients in the ring $\mathbb{Z}_n$ where $n$ is a composite number. We give algorithms to compute such factorizations along with algebraic classifications.
1  Introduction


This paper attempts to understand the computational and algebraic differences between polynomials over a field and polynomials over a ring. Polynomials over a field are well understood. Many important polynomial time algorithms in computational algebra have been developed by taking advantage of the underlying field structure. In the case where the polynomials are over a ring, however, very little seems to be known. In this paper we try to understand the algebraic and computational complexity of polynomials over the ring of the integers modulo $n$ where $n$ is composite. In particular, we will attempt to compute and characterize all factorizations of a univariate polynomial into irreducibles. Perhaps understanding this polynomial ring will lead to a deeper understanding of the computational limits of circuits as well as faster algorithms in computational algebra. In the course of our discussion we will point out the many differences between working over fields versus over rings to illustrate the severity of the existing gap.

1.1  Circuit  complexity  theory 

A motivation for this study comes from circuit complexity theory, which is the study of determining the hardness (or relative ease) of a given problem by analyzing the circuits that represent it. A circuit can be thought of as a directed acyclic graph whose nodes are called gates. The edges leading into a node can be thought of as inputs, and the edges leaving a node carry the output of that gate on its given inputs. For the purposes of this paper we are concerned only with boolean circuits, namely each input can take on a value equal to either 0 or 1. The nodes with zero in-degree should be thought of as the inputs. When the inputs are set to some initial vector, the values trickle through the circuit producing one or more output values.

Now it is clear how a circuit can be used to decide membership in an arbitrary set. We say that a circuit decides membership in a set $S$ if, for every candidate encoded in zeros and ones, the circuit outputs a 1 on that input if and only if the candidate is in $S$.

In this context, we wish to think of a family of circuits, one for each input length. We can also measure the depth of a circuit in the obvious way. A family of circuits has constant depth if each circuit in the family has depth at most $k$ regardless of the length of the input. This model of computation has led to many interesting results, such as the fact that the parity function cannot be computed by polynomial size constant depth circuits [FSS84]. We can make this model even more interesting by allowing gates other than simply AND, OR, and NOT. In fact, it is known that for a prime $p$, constant depth circuits which have $\mathrm{MOD}_p$ gates cannot compute the $\mathrm{MOD}_q$ function for any $q$ that is not a power of $p$. What is the computational significance of having $\mathrm{MOD}_n$ gates where $n$ is composite?

We further restrict our model of computation to polynomials which represent boolean functions. We say that a polynomial $f$ in $n$ variables represents the OR function if, when restricted to inputs of 0's and 1's,

1. $f(x_1, \ldots, x_n) \neq 0$ when $x_i = 1$ for some $i \le n$;

2. $f(x_1, \ldots, x_n) = 0$ when $x_i = 0$ for all $i \le n$.

We measure the complexity of a polynomial $f$ by its degree. Recall that the degree of a multivariate polynomial is the maximum over all monomials of the sum of the powers of the indeterminates in that monomial. It is known that for polynomials over a field (namely over the integers mod $p$) the lowest degree polynomial representing the OR function on $N$ variables has degree $\lceil N/(p-1) \rceil$ [Smo87]. However, the bounds on the degree of a polynomial over a ring (the integers mod $n$) are not as precise. The best known lower bound on the degree of a polynomial representing the OR function mod $n$ is $\Omega(\log N)$ [TB94], and fairly recently a surprising upper bound of $O(N^{1/r})$, where $r$ is the number of distinct primes dividing $n$, was discovered [BBR94]. In [BBR94] we learn that a low degree polynomial for OR would imply the existence of small, low-depth mod $n$ circuits for the AND function.


2  Some Important Tools in $\mathbb{Z}_n[x]$

2.1  The $\mathbb{Z}_n[x]$ phenomena

Definition 2.1  Let $\mathbb{Z}$ denote the ring of integers and $\mathbb{Z}_n = \mathbb{Z}/n\mathbb{Z}$ the ring of integers modulo $n$.

Definition 2.2  Let $\mathbb{Z}_n[x]$ denote the ring of polynomials with coefficients from $\mathbb{Z}_n$.


We first examine a few instances of weirdness in the ring $\mathbb{Z}_n[x]$ with a few examples. The presence of zero divisors in the following rings allows for very strange constructions. Amazingly, for example, the polynomial $x$ is not necessarily irreducible in $\mathbb{Z}_n[x]$! In particular we can write the following factorization:

$$x \equiv (4x + 3)(3x + 4) \pmod 6$$

Here a congruence $f \equiv g \pmod n$ between polynomials means that $f - g$ has all coefficients congruent to $0 \bmod n$. We show later how to prove that this is a factorization into irreducibles. Also note that

$$x^2 + 7 \equiv (x + 1)(x + 7) \equiv (x + 3)(x + 5) \pmod 8$$

All four factors above are in fact irreducible, and so there is no unique factorization in the composite case. We turn next to the first important tool needed here: the Chinese Remainder Theorem.

2.2  The  Chinese  Remainder  Theorem 

Theorem 2.3  Let $R$ be a commutative ring with identity. Let $A_1, A_2, \ldots, A_k$ be ideals in $R$. Then the map $R \to R/A_1 \times R/A_2 \times \cdots \times R/A_k$ defined by $r \mapsto (r + A_1, r + A_2, \ldots, r + A_k)$ is a ring homomorphism with kernel $A_1 \cap \cdots \cap A_k$. If the ideals are pairwise comaximal (i.e., for each $i \neq j$ in $\{1, 2, \ldots, k\}$ we have $A_i + A_j = R$), then the map is surjective, and we may assert

$$R/(A_1 A_2 \cdots A_k) \cong R/A_1 \times R/A_2 \times \cdots \times R/A_k.$$

(A proof can be found in any abstract algebra book, for example [DF90].) In particular we may take $R$ to be $\mathbb{Z}_n[x]$ and its comaximal ideals to be the ideals $p_i^{k_i}\mathbb{Z}_n[x]$, one for each prime $p_i$ dividing $n$, where $n = p_1^{k_1} p_2^{k_2} \cdots p_s^{k_s}$. This gives us a nicer representation for polynomials in $\mathbb{Z}_n[x]$. For a given $f \in \mathbb{Z}_n[x]$, we can write $f$ as the following tuple:

$$f = (f_1, f_2, \ldots, f_s)$$

where $f_i$ equals $f \bmod p_i^{k_i}$. Operations on these tuples are pointwise, since the mapping is an isomorphism. From this, we see that an irreducible factor $g$ of $f$ corresponds to a tuple of the following form:

$$(1, 1, \ldots, 1, g_i, 1, \ldots, 1)$$

where $g_i$ is irreducible mod $p_i^{k_i}$. Clearly no two non-unit tuples can multiply together to give $g$, since $g_i$ is irreducible. Thus every factorization in $R$ must be a product of tuples of the above form. We ignore units for the time being since they only trivially modify the above factorizations. This discussion gives us an immediate corollary:

Corollary 2.4  [vzGH96a] Let $f \in \mathbb{Z}_n[x]$ and $n = \prod_{1 \le i \le s} p_i^{k_i}$. The number of irreducible factors of $f \in \mathbb{Z}_n[x]$ is the sum over $i$ of the number of irreducible factors of $f_i \in \mathbb{Z}_{p_i^{k_i}}[x]$.


We now show how, given a factorization into these tuples, we can reconstruct a factorization in $\mathbb{Z}_n[x]$.

Proposition 2.5  Given $\mathbb{Z}_n[x] \cong \mathbb{Z}_{p_1^{k_1}}[x] \times \cdots \times \mathbb{Z}_{p_s^{k_s}}[x]$ and $f_1 \cdots f_t$ a factorization of $f$ into irreducibles where each $f_i$ has the tuple form above, we can reconstruct a factorization in $\mathbb{Z}_n[x]$ in polynomial time.

Proof:  Let $f_i = (g_1, g_2, \ldots, g_s)$. Let $\mathrm{Coeff}(h, j)$ denote the coefficient of the $j$th power of $x$ in the polynomial $h$. Let $M$ be the degree of the largest polynomial in $f_i$; more precisely, we look at all the polynomial entries in the $s$-tuple for $f_i$, and let $M$ be the degree of the highest degree entry. Let $f_i^{(\ell)}$ denote the $\ell$th entry in the $s$-tuple corresponding to $f_i$. The coefficient of each power of $x$ in the representation of $f_i$ in $\mathbb{Z}_n[x]$ can be reconstructed from its coefficients in each entry of the $s$-tuple for $f_i$ in the following manner:

$$f_i = \sum_{j=0}^{M} \mathrm{CRT}(f_i, j)\, x^j$$

where $\mathrm{CRT}(f_i, j)$ denotes the solution $y$ of the following system of congruences:

$$y \equiv \mathrm{Coeff}(f_i^{(1)}, j) \pmod{p_1^{k_1}}$$
$$y \equiv \mathrm{Coeff}(f_i^{(2)}, j) \pmod{p_2^{k_2}}$$
$$\vdots$$
$$y \equiv \mathrm{Coeff}(f_i^{(s)}, j) \pmod{p_s^{k_s}}$$

This can be calculated using the Chinese Remainder Theorem. The notation is complicated but the idea is simple: given an $s$-tuple representing a polynomial, we can reconstruct its representation in $\mathbb{Z}_n[x]$ by applying the Chinese Remainder Theorem coordinatewise. ■

With this result in hand, we can show that factoring polynomials in $\mathbb{Z}_n[x]$ is quite difficult.

Theorem 2.6  [Sha93] There is a polynomial time reduction from factoring integers to factoring polynomials in $\mathbb{Z}_n[x]$.

Proof:  Given some $n \in \mathbb{Z}$ we attempt to factor it by examining the polynomial $f = x$ over $\mathbb{Z}_n[x]$. Let $n = p_1^{k_1} \cdots p_s^{k_s}$. Recall from the Chinese Remainder Theorem that $f$ has an equivalent form as the $s$-tuple $(x, x, \ldots, x)$. Assume that we can factor $f$ into irreducibles so that (up to a unit) we have

$$f = f_1 f_2 \cdots f_s$$

where each $f_i$ is irreducible and thus has the form

$$f_i = (1, 1, \ldots, 1, x, 1, \ldots, 1)$$

with $x$ in the $i$th position. So over $\mathbb{Z}_n$ each $f_i$ is of the form $a_i x + b_i \bmod n$ with $a_i, b_i \in \mathbb{Z}$, and

$$b_i \equiv 0 \pmod{p_i^{k_i}}, \qquad b_i \equiv 1 \pmod{p_j^{k_j}} \text{ for } j \neq i.$$

Thus $\gcd(n, b_i) = p_i^{k_i}$ for $1 \le i \le s$. So our factorization of $x$ immediately gives us a factorization $n = m_1 m_2 \cdots m_s$. We need only figure out the prime and exponent for each $m_i$. Assume that $m_i = p_i^{k_i}$. Then $k_i$ is bounded by $\lceil \log m_i \rceil$. We can take $j$th roots where $j$ varies from 2 to $\lceil \log m_i \rceil$. If none of the $j$th roots are in $\mathbb{Z}$, we know $m_i$ is prime. If one of the $j$th roots is in $\mathbb{Z}$ we can repeat the procedure on the result until a prime is reached and then easily reconstruct the exponent. Since the size of the exponent is logarithmic in $m_i$ this is a polynomial time procedure. Thus the existence of a polynomial time algorithm to factor in $\mathbb{Z}_n[x]$ is unlikely. (Compare this with the many randomized polynomial time algorithms (see [Ber70]) to factor in $F[x]$ where $F$ is a field, to see the contrast between rings and fields.) ■
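As an added worked example (not part of the original paper), the following Python code carries out the coefficientwise Chinese Remainder reconstruction of Proposition 2.5 and the reduction of Theorem 2.6 together. It takes $n = 12 = 2^2 \cdot 3$, rebuilds the irreducible factors $(x, 1)$ and $(1, x)$ of $x$ in $\mathbb{Z}_4[x] \times \mathbb{Z}_3[x]$ as polynomials in $\mathbb{Z}_{12}[x]$, checks that their product is $x$, and then recovers $2^2$ and $3$ from the constant terms by a gcd, splitting each prime power into prime and exponent with the $j$th-root search from the proof. Polynomials are Python lists of coefficients, lowest degree first; the tuple input is constructed here, and all function names are my own.

```python
from functools import reduce
from math import gcd


def crt(residues, moduli):
    """Solve y = r_i (mod m_i) for pairwise coprime moduli; return y mod prod(m_i)."""
    n = reduce(lambda a, b: a * b, moduli, 1)
    y = 0
    for r, m in zip(residues, moduli):
        big = n // m
        y += r * big * pow(big, -1, m)
    return y % n


def reconstruct_poly(entries, moduli):
    """Proposition 2.5: given the s-tuple (g_1, ..., g_s) of a polynomial, g_i being a
    coefficient list mod p_i^{k_i}, rebuild its coefficient list in Z_n[x] by solving
    the CRT system for the coefficient of each power of x separately."""
    top = max(len(g) for g in entries)
    coeffs = []
    for j in range(top):
        residues = [(g[j] if j < len(g) else 0) % m for g, m in zip(entries, moduli)]
        coeffs.append(crt(residues, moduli))
    return coeffs


def poly_mul_mod(a, b, n):
    """Product of two coefficient lists, reduced mod n, trailing zeros removed."""
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % n
    while len(out) > 1 and out[-1] == 0:
        out.pop()
    return out


def iroot(m, j):
    """Largest integer r with r**j <= m (binary search, no floating point)."""
    lo, hi = 1, 1 << ((m.bit_length() + j - 1) // j)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** j <= m:
            lo = mid
        else:
            hi = mid - 1
    return lo


def split_prime_power(m):
    """Given m = p^k (assumed, as in the proof), return (p, k): try j-th roots for
    j = 2 .. log2(m); on an exact root recurse on it and multiply the exponents."""
    for j in range(2, m.bit_length() + 1):
        r = iroot(m, j)
        if r > 1 and r ** j == m:
            p, k = split_prime_power(r)
            return p, k * j
    return m, 1


def factor_n_from_linear_factors(n, factors):
    """Theorem 2.6: each irreducible factor a_i x + b_i of x in Z_n[x] has constant term
    b_i = 0 mod p_i^{k_i} and b_i = 1 mod every other prime power, so gcd(n, b_i) is
    exactly p_i^{k_i}; each such prime power is then split into (p_i, k_i)."""
    return sorted(split_prime_power(gcd(n, f[0])) for f in factors)


def demo():
    # Z_12[x] = Z_4[x] x Z_3[x]; the polynomial x is the tuple (x, x) and its
    # irreducible factors are (x, 1) and (1, x). Constructed input, not from the paper.
    moduli = [4, 3]
    f1 = reconstruct_poly([[0, 1], [1]], moduli)   # (x, 1)  ->  9x + 4
    f2 = reconstruct_poly([[1], [0, 1]], moduli)   # (1, x)  ->  4x + 9
    product = poly_mul_mod(f1, f2, 12)             # (9x + 4)(4x + 9) = x mod 12
    return f1, f2, product, factor_n_from_linear_factors(12, [f1, f2])


if __name__ == "__main__":
    print(demo())
```

With `moduli = [2, 3]` the same two `reconstruct_poly` calls return `[4, 3]` and `[3, 4]`, that is $3x + 4$ and $4x + 3$, the factorization $x \equiv (4x+3)(3x+4) \pmod 6$ of Section 2.1. `split_prime_power` trusts that its input is a prime power, exactly as the proof does; it is not a primality test.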


2.3  Irreducibility criteria in $\mathbb{Z}_{p^k}[x]$

The Chinese Remainder Theorem reduces the problem to working over rings of the form $\mathbb{Z}_{p^k}[x]$. Let $r = p^k$ from now on. We would like to determine which factors of a polynomial are actually irreducible, so we establish some criteria to determine whether a polynomial in $\mathbb{Z}_{p^k}[x]$ is irreducible. A nice observation is the following:

Proposition 2.7  Given $f \in \mathbb{Z}_{p^k}[x]$ not equal to $0 \bmod p$, we can write $f$ as $f' + pg$ where $p$ does not divide $f'$.

Proof:  Write

$$f = \sum_{i=0}^{n} c_i x^i$$

and split each coefficient as $c_i = a_i + p b_i$ with $0 \le a_i < p$ and $0 \le b_i < p^{k-1}$. Then

$$f = \sum_{i=0}^{n} a_i x^i + p \sum_{i=0}^{n} b_i x^i = f' + pg,$$

and since $f \not\equiv 0 \pmod p$ some $a_i$ is nonzero, so $p$ does not divide $f'$. ■

Now we can deduce the following remark:

Proposition 2.8  Let $f \in \mathbb{Z}_{p^k}[x]$ not equal to $0 \bmod p$. If $f$ is irreducible in $\mathbb{Z}_p[x]$ then $f$ is irreducible in $\mathbb{Z}_{p^k}[x]$ for all $k \ge 1$.

Proof:  Assume $f$ is reducible in $\mathbb{Z}_{p^k}[x]$ for some $k$. Then $f \equiv gh \pmod{p^k}$ with $g$ and $h$ non-units, and using the above observation $f \equiv (g_1 + pg_2)(h_1 + ph_2) \pmod{p^k}$. Hence $f \equiv g_1 h_1 \pmod p$, where $g_1$ and $h_1$ have positive degree because $g$ and $h$ are non-units (Proposition 2.9 below), contradicting irreducibility mod $p$. ■

This formula also gives a characterization of all the units in $\mathbb{Z}_{p^k}[x]$.

Proposition 2.9  Let $f \in \mathbb{Z}_{p^k}[x]$ such that $f \not\equiv 0 \pmod p$. Then $f$ is a unit in $\mathbb{Z}_{p^k}[x]$ if and only if $f$ is of the form $a + pg$ where $a \in \mathbb{Z}_p$ is a nonzero constant.

Proof:  Every such polynomial $f$ can be written in the form $f_1 + pf_2$ where $f_1$ has all its coefficients in $\{0, \ldots, p-1\}$ and $\gcd(f_1, p) = 1$ (Proposition 2.7). Assume $f$ is a unit and assume $f_1$ has degree $\ge 1$. Since $f$ is a unit, there exists $h = h_1 + ph_2$, written the same way, such that $fh = 1$. This implies

$$f_1 h_1 + p\big((f_1 h_2 + f_2 h_1) + p f_2 h_2\big) = 1 + p \cdot 0.$$

Reducing mod $p$ gives $f_1 h_1 \equiv 1 \pmod p$. But $f_1$ has degree strictly bigger than 0, both $\gcd(f_1, p) = 1$ and $\gcd(h_1, p) = 1$, and $\mathbb{Z}_p[x]$ is an integral domain, so the monomial of highest degree in $f_1$ cannot have cancelled out and $f_1 h_1$ cannot be the constant polynomial 1. Hence for $f$ to be a unit it must be of the above form.

Conversely, if $f = a + pg$ with $a \in \mathbb{Z}_p$ nonzero then $f = a\big(1 - a^{-1}(-p)g\big)$, where $a^{-1}$ is the inverse of $a$ mod $p^k$. The following familiar identity is helpful:

$$\frac{1}{1 - h} = 1 + h + h^2 + \cdots$$

and thus

$$f^{-1} = a^{-1}\Big(1 + a^{-1}(-p)g + \big(a^{-1}(-p)g\big)^2 + \cdots + \big(a^{-1}(-p)g\big)^{k-1}\Big).$$

Notice that after the $(k-1)$th term, all of the remaining terms have a factor of $p^k$ in them and so vanish. Our inverse is thus a well defined element of $\mathbb{Z}_{p^k}[x]$. ■

This also tells us that if $f \bmod p$ is a unit, then $f \bmod p^k$ is a unit for all $k \ge 1$.

2.4  Hensel’s  Lemma 

In order to further our analysis of irreducibility as well as develop a method of factorization, we introduce the most important mathematical tool of the paper:

Theorem 2.10  [Hensel's Lemma] Let $p$ be a prime, $k \ge 1$, and let $f, g, h \in \mathbb{Z}[x]$ be polynomials such that $f \equiv gh \not\equiv 0 \pmod p$ and $\gcd(g \bmod p, h \bmod p) = 1$ in $\mathbb{Z}_p[x]$ (the proof below takes $f$, $g$ and $h$ monic). Then there exist polynomials $g'$ and $h'$ such that $f \equiv g'h' \pmod{p^k}$ with $g' \equiv g \pmod p$ and $h' \equiv h \pmod p$.

Proof:  [BS96] We give an algorithm to construct $g'$ and $h'$ and prove its correctness.

Step 1.  Find $\lambda$ and $\mu \in \mathbb{Z}_p[x]$ such that $\lambda g + \mu h = 1$. (We know such $\lambda$ and $\mu$ exist since $g$ and $h$ are relatively prime. We can find them easily by using the Extended Euclidean Algorithm for polynomials.)

Step 2.  Iteratively construct polynomials $g'$ and $h'$ according to the following for loop:

for $i = 2$ to $k$ do
    $q := (f - gh)/p^{i-1} \bmod p$
    $u := q\mu \bmod g$
    $v := q\lambda \bmod h$
    $g := g + p^{i-1}u$
    $h := h + p^{i-1}v$
end

Return $(g' = g,\ h' = h)$

The proof of correctness is by induction on $i$. Assume that $f \equiv gh \pmod{p^{i-1}}$ ($g$ and $h$ are also monic). Notice that the construction of $q$ makes sense since $f - gh \equiv 0 \pmod{p^{i-1}}$. We need only check that $(g + p^{i-1}u)(h + p^{i-1}v) \equiv f \pmod{p^i}$. We have

$$(g + p^{i-1}u)(h + p^{i-1}v) \equiv gh + p^{i-1}(uh + vg) + p^{2i-2}uv \equiv gh + p^{i-1}(uh + vg) \pmod{p^i}$$

since $2i - 2 \ge i$ for $i \ge 2$. But notice that, working mod $p$,

$$uh + vg \equiv uh \equiv q\mu h \equiv q(1 - \lambda g) \equiv q \pmod g.$$

Similarly we can see that $uh + vg \equiv q \pmod h$. Since $h$ and $g$ are coprime, and both $uh + vg$ and $q$ have degree less than $\deg g + \deg h = \deg f$ (as $\deg u < \deg g$, $\deg v < \deg h$, and $f$ and $gh$ are monic of the same degree), the Chinese Remainder Theorem in $\mathbb{Z}_p[x]$ gives $uh + vg \equiv q \pmod p$. Hence in our original equation we have

$$(g + p^{i-1}u)(h + p^{i-1}v) \equiv gh + p^{i-1}q \equiv f \pmod{p^i}.$$

Thus $g' = g + p^{i-1}u$ and $h' = h + p^{i-1}v$ are as required.

■
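The following Python code, added here as an example and not taken from the paper or from [BS96], implements Step 1 and Step 2 of the proof of Theorem 2.10 literally (extended Euclid in $\mathbb{Z}_p[x]$ for $\lambda$ and $\mu$, then the for loop) and, since it needs the same polynomial arithmetic, also the truncated geometric series that inverts a unit $a + pg$ in Proposition 2.9. The sample inputs are constructed: $x^2 + 1 \equiv (x+2)(x+3) \pmod 5$ is lifted to $\pmod{125}$, and $x^2 + 7 \equiv (x+1)^2 \pmod 2$ is the coprimality failure the lemma excludes (the case $f \equiv g^k \pmod p$ raised at the end of this section). Coefficient lists are lowest degree first; function names are my own.

```python
def trim(a):
    """Drop trailing zero coefficients (lists are lowest degree first)."""
    a = list(a)
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a


def add(a, b, m):
    n = max(len(a), len(b))
    return trim([((a[i] if i < len(a) else 0) + (b[i] if i < len(b) else 0)) % m
                 for i in range(n)])


def sub(a, b, m):
    return add(a, [-c for c in b], m)


def mul(a, b, m):
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % m
    return trim(out)


def divmod_p(a, b, p):
    """Quotient and remainder in Z_p[x] (p prime, so lc(b) is invertible)."""
    a = [c % p for c in a]
    b = trim([c % p for c in b])
    inv = pow(b[-1], -1, p)
    q = [0] * max(1, len(a) - len(b) + 1)
    for i in range(len(a) - len(b), -1, -1):
        c = a[i + len(b) - 1] * inv % p
        q[i] = c
        for j, y in enumerate(b):
            a[i + j] = (a[i + j] - c * y) % p
    return trim(q), trim(a[:len(b) - 1] or [0])


def ext_gcd_p(a, b, p):
    """Extended Euclid in Z_p[x]: (d, s, t) with s*a + t*b = d = gcd(a, b), d monic."""
    r0, r1 = trim([c % p for c in a]), trim([c % p for c in b])
    s0, s1, t0, t1 = [1], [0], [0], [1]
    while r1 != [0]:
        q, r = divmod_p(r0, r1, p)
        r0, r1 = r1, r
        s0, s1 = s1, sub(s0, mul(q, s1, p), p)
        t0, t1 = t1, sub(t0, mul(q, t1, p), p)
    inv = pow(r0[-1], -1, p)
    return ([c * inv % p for c in r0], [c * inv % p for c in s0], [c * inv % p for c in t0])


def coprime_mod_p(g, h, p):
    """True exactly when Step 1 can succeed: g and h relatively prime in Z_p[x]."""
    return ext_gcd_p(g, h, p)[0] == [1]


def hensel_lift(f, g, h, p, k):
    """Theorem 2.10 for monic f, g, h with f = g h (mod p), gcd(g, h) = 1 in Z_p[x]:
    returns (g', h') with f = g' h' (mod p^k), g' = g and h' = h (mod p)."""
    d, lam, mu = ext_gcd_p(g, h, p)              # Step 1: lam*g + mu*h = 1 in Z_p[x]
    if d != [1]:
        raise ValueError("g and h share a factor mod p; Hensel's Lemma does not apply")
    g, h = [c % p for c in g], [c % p for c in h]
    for i in range(2, k + 1):                    # Step 2: one pass per extra power of p
        m, scale = p ** i, p ** (i - 1)
        diff = sub(f, mul(g, h, m), m)           # f - g h; divisible by p^{i-1} by induction
        if any(c % scale for c in diff):
            raise RuntimeError("invariant f = g h (mod p^{i-1}) broken")
        q = [(c // scale) % p for c in diff]
        _, u = divmod_p(mul(q, mu, p), g, p)     # u := q*mu mod g
        _, v = divmod_p(mul(q, lam, p), h, p)    # v := q*lam mod h
        g = add(g, [c * scale for c in u], m)    # g := g + p^{i-1} u
        h = add(h, [c * scale for c in v], m)    # h := h + p^{i-1} v
    return g, h


def unit_inverse(f, p, k):
    """Proposition 2.9: f = a + p g with a != 0 mod p is a unit in Z_{p^k}[x], and
    f^{-1} = a^{-1} (1 + t + ... + t^{k-1}) with t = -a^{-1} p g; the omitted terms of
    the geometric series are multiples of p^k and vanish."""
    m = p ** k
    f = [c % m for c in f]
    a = f[0] % p
    if a == 0 or any(c % p for c in f[1:]):
        raise ValueError("f is not of the form a + p g with a a unit mod p")
    g = [(f[0] - a) // p] + [c // p for c in f[1:]]
    a_inv = pow(a, -1, m)
    t = [(-a_inv * p * c) % m for c in g]
    total, power = [1], [1]
    for _ in range(1, k):
        power = mul(power, t, m)
        total = add(total, power, m)
    return trim([a_inv * c % m for c in total])


if __name__ == "__main__":
    print(hensel_lift([1, 0, 1], [2, 1], [3, 1], 5, 3))   # x^2+1 = (x+57)(x+68) mod 125
    print(unit_inverse([2, 3], 3, 2))                      # (2+3x)^{-1} = 5+6x mod 9
```

The lift of $x^2 + 1$ returns $(x + 57)(x + 68) \pmod{125}$, and $57 \equiv 2$, $68 \equiv 3 \pmod 5$ as the lemma promises. For $x^2 + 7$ with $g = h = x + 1$ and $p = 2$, `hensel_lift` raises `ValueError` because Step 1 finds $\gcd(x+1, x+1) = x + 1 \neq 1$; that is precisely the $f \equiv g^k \pmod p$ case that Sections 2.5 and 3 must treat differently.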

From Proposition 2.8, if $g$ and $h$ are irreducible then $g'$ and $h'$ are irreducible. Now we can show why we only care about monic polynomials.

Corollary 2.11  Let $f \in \mathbb{Z}_{p^k}[x]$ with $k \ge 1$. Finding the irreducible factors of $f$ reduces to the case where $f$ is monic.

Proof:  [vzGH96a] We can write $f$ as $p^v g$ where $\gcd(p, g) = 1$. Then $g \equiv e_0 m_0 \pmod p$ where $e_0$ is a unit mod $p$ (and thus mod $p^k$) and $m_0$ is monic. Since $\gcd(e_0, m_0) = 1$, we can use Hensel's Lemma to find a lifting such that $g \equiv em \pmod{p^{k-v}}$ where $e \equiv e_0 \pmod p$ and $m \equiv m_0 \pmod p$ with $m$ monic. But since we have factored out $p^v$ from $f$, every factorization of $f$ corresponds to a factorization of $g \bmod p^{k-v}$. Thus we need only look at the irreducible factors of $p^v$ (which are trivial) and the irreducible factors of $m$ up to units, but $m$ is monic. Hence we need only consider monic polynomials from now on. ■

Now it is somewhat clearer how to go about finding one factorization of a polynomial mod $n$. We first look at the irreducible factors of $f \bmod p$ and use Hensel's Lemma for each factor and for each prime divisor $p$ of $n$. Then we reconstruct the factorization mod $n$ using the Chinese Remainder Theorem. This leaves us with two important questions. First, what happens if $f \equiv g^k \pmod p$ for some irreducible $g$ (i.e., how do we lift in this case)? Secondly, how do we compute all the different factorizations of $f$?

2.5  A  naive  approach  to  factoring 

At some point, all known methods for computing all of the factorizations of a polynomial require solving a system of linear equations. We will illustrate this by constructing an extremely poor factoring algorithm. Assume we want to compute all the factorizations of a polynomial $f \in \mathbb{Z}[x]$ mod $p^k$. Let us also assume that we are not interested in factorizations where any given factor has degree greater than or equal to that of the given polynomial. One way to do this is to solve a complicated system of equations (via the method of undetermined coefficients) with the knowledge that every factorization mod $p^k$ reduces to a unique factorization mod $p$. For example:

Example 2.12  Let $f \in \mathbb{Z}[x]$ where $f \equiv gh \pmod p$. We wish to compute all the factorizations of $f \bmod p^2$. Assume that $f$ factors mod $p$ into linear polynomials so that $g = g_0 + g_1 x$ and $h = h_0 + h_1 x$.

Now notice that all factorizations mod $p^2$ must satisfy the following equation:

$$f \equiv (g + pG)(h + pH) \pmod{p^2}$$

where $G$ and $H$ are some unknown linear polynomials in $\mathbb{Z}_p[x]$. Then let $G = G_0 + G_1 x$ and $H = H_0 + H_1 x$. Expanding the above equation gives us

$$f \equiv gh + p\big(H_0 g_0 + H_1 g_0 x + H_0 g_1 x + H_1 g_1 x^2 + G_0 h_0 + G_1 h_0 x + G_0 h_1 x + G_1 h_1 x^2\big) + p^2(\ldots) \pmod{p^2}.$$

Since we are working mod $p^2$ the last term drops out. Taking $f = gh$ in $\mathbb{Z}[x]$ for simplicity (in general $f - gh = pr$ with $r \in \mathbb{Z}_p[x]$, and the coefficients of $-r$ then appear on the right-hand sides below), we only need the coefficient of the $p$ term to be zero for our factorization to work out properly. Hence we need

$$G_1 h_1 + H_1 g_1 \equiv 0 \pmod p$$
$$G_1 h_0 + H_1 g_0 + H_0 g_1 + G_0 h_1 \equiv 0 \pmod p$$
$$H_0 g_0 + G_0 h_0 \equiv 0 \pmod p$$

Notice that $h_0, h_1, g_0, g_1$ are fixed values since we have computed the factorization of $f \bmod p$. Hence we have a system of linear equations which can be solved rather easily. This approach begins to break down as we need to factor modulo larger powers of $p$, as well as when we need to compute factors of larger degree. The next section will give us a better approach to this process.
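As an added example (my own code, not the paper's), the naive approach of this section can be run as written, with the linear system of Example 2.12 solved by exhaustive enumeration over $\mathbb{Z}_p$ instead of elimination: starting from every monic factorization mod $p$, each level $i$ tries every correction pair $(G, H)$ with $\deg G < \deg g$ and $\deg H < \deg h$ and keeps the pairs with $f \equiv (g + p^{i-1}G)(h + p^{i-1}H) \pmod{p^i}$. It goes beyond the example in allowing monic factors of any chosen degree. Run on $x^2 + 7 \bmod 8$ it finds both factorizations from Section 2.1; run on $x^2 + 1 \bmod 25$, where the factors are coprime mod 5, it finds exactly one, as Hensel's Lemma predicts. Inputs are constructed; coefficient lists are lowest degree first.

```python
from itertools import product


def poly_mul_mod(a, b, m):
    """Product of two coefficient lists (lowest degree first), reduced mod m."""
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % m
    return out


def all_monic_factorizations(f, p, k, deg_g):
    """All ordered pairs (g, h) of monic polynomials with deg g = deg_g and
    f = g h (mod p^k). Level 1 tries every pair mod p; level i tries every correction
    (G, H) mod p on each pair kept at level i-1, which is the system of undetermined
    coefficients of Example 2.12 solved by enumeration."""
    n = len(f) - 1
    deg_h = n - deg_g
    if f[-1] != 1:
        raise ValueError("f must be monic")

    def fits(g, h, m):
        return poly_mul_mod(g, h, m) == [c % m for c in f]

    level = {
        (tuple(cg) + (1,), tuple(ch) + (1,))
        for cg in product(range(p), repeat=deg_g)
        for ch in product(range(p), repeat=deg_h)
        if fits(list(cg) + [1], list(ch) + [1], p)
    }
    for i in range(2, k + 1):
        m, step = p ** i, p ** (i - 1)
        lifted = set()
        for g, h in level:
            for cg in product(range(p), repeat=deg_g):
                for ch in product(range(p), repeat=deg_h):
                    # g + p^{i-1} G and h + p^{i-1} H, the corrections of Example 2.12
                    g2 = tuple((c + step * d) % m for c, d in zip(g, cg + (0,)))
                    h2 = tuple((c + step * d) % m for c, d in zip(h, ch + (0,)))
                    if fits(list(g2), list(h2), m):
                        lifted.add((g2, h2))
        level = lifted
    return level


def unordered(factorizations):
    """Collapse (g, h) and (h, g) into a single factorization."""
    return {frozenset(pair) for pair in factorizations}


if __name__ == "__main__":
    # x^2 + 7 mod 8: two factorizations, (x+1)(x+7) and (x+3)(x+5)
    print(unordered(all_monic_factorizations([7, 0, 1], 2, 3, 1)))
    # x^2 + 1 mod 25: the single lift (x+7)(x+18) of (x+2)(x+3) mod 5
    print(unordered(all_monic_factorizations([1, 0, 1], 5, 2, 1)))
```

The work per level is $p^{\deg f}$ candidate corrections for every factorization already found, which is why the text calls this algorithm extremely poor; it is only meant to make the correspondence between factorizations mod $p^k$ and mod $p$ visible.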

3  The  Case  of  Small  Discriminants 

The problem of computing all factorizations of a polynomial can be divided into two radically different cases. The case when the discriminant is small requires important properties of the $p$-adic numbers. Abstractly, every factorization mod $p^k$ of a polynomial whose discriminant is 'small' corresponds to a unique factorization over the $p$-adics. Thus, with a factorization from the $p$-adics our problem is greatly simplified, as we shall see. We follow the development partially outlined in [vzGH96a].

3.1  The  p-adic  numbers 

Kurt Hensel invented the $p$-adic numbers around the turn of the twentieth century in order to solve number theoretic problems. Since then they have been an important tool in both analysis and algebra for many different problems. We give some brief introductory material on the $p$-adics for concreteness (see [BS66] for a complete treatment of this material).

Definition 3.1  Fix some prime $p$. A $p$-adic integer, denoted $\{x_n\}$, is a sequence of integers satisfying

$$x_n \equiv x_{n-1} \pmod{p^n}.$$

Two sequences $\{x_n\}$ and $\{x'_n\}$ determine the same $p$-adic integer if and only if

$$x_n \equiv x'_n \pmod{p^{n+1}}.$$

It is easy to see that each $p$-adic integer has the following canonical form:

$$\{x_n\} = \{a_0,\ a_0 + a_1 p,\ a_0 + a_1 p + a_2 p^2,\ \ldots\}$$

where each $a_i \in \{0, \ldots, p-1\}$. Let $\mathbb{Z}_{(p)}$ denote the ring of $p$-adic integers, where the addition and multiplication operations are performed coordinatewise. It is easy to see that for $x, y \in \mathbb{Z}_{(p)}$, $xy$ and $x + y$ are $p$-adic integers and so our ring is well defined. We will introduce the more conventional notation for a $p$-adic integer, namely an infinite sum of the form $a = \sum_{i \ge 0} a_i p^i$ where $a_i < p$ for all $i$, later in this section. We now aim to show a fairly simple property, namely that $\mathbb{Z}_{(p)}[x]$ is a unique factorization domain. Compare this with the earlier examples that show $\mathbb{Z}_{p^k}[x]$ is not a UFD. The following theorem can be found in any book on abstract algebra:

Theorem 3.2  If a ring $R$ is a UFD then $R[x]$ is a UFD.

Lemma 3.3  If a $p$-adic integer $\{x_n\}$ is a unit then $x_0 \not\equiv 0 \pmod p$.

Proof:  If $\{x_n\}$ is a unit then there exists $\{y_n\}$ such that $\{x_n y_n\} = 1$ for all $n$. In particular $x_0 y_0 \equiv 1 \pmod p$. Hence $x_0$ must be relatively prime to $p$. ■


Theorem 3.4  Every $p$-adic integer distinct from zero has a unique representation in the form $a = p^k e$ where $e$ is a unit.

Proof:  [BS66] Let $a = \{x_n\} \in \mathbb{Z}_{(p)}$. If $a$ is a unit, take $k = 0$. If $a$ is not a unit then let $k$ be the smallest index for which

$$x_k \not\equiv 0 \pmod{p^{k+1}}.$$

From the definition of $p$-adic numbers, $x_{k+s} \equiv x_{k-1} \equiv 0 \pmod{p^k}$ for all $s \ge 0$. Let $y_s = x_{k+s}/p^k$ for all $s \ge 0$. Notice that

$$p^k y_s - p^k y_{s-1} = x_{k+s} - x_{k+s-1} \equiv 0 \pmod{p^{k+s}}$$

and thus

$$y_s \equiv y_{s-1} \pmod{p^s}.$$

Hence $\{y_s\}$ determines a $p$-adic unit (its first entry $y_0 = x_k/p^k$ is not divisible by $p$). Clearly $\{x_n\} = p^k \{y_s\}$. ■

Theorem 3.5  $\mathbb{Z}_{(p)}$ is a UFD.

Proof:  Consider some nonzero $a \in \mathbb{Z}_{(p)}$. Then from Theorem 3.4, $a = p^k e$ for some unit $e$. Hence $a = \underbrace{p \cdots p}_{k \text{ times}}\; e$. But $p$ is trivially irreducible, so this is the only factorization up to units. Hence $\mathbb{Z}_{(p)}$ is a UFD. ■

From Theorem 3.2, $\mathbb{Z}_{(p)}[x]$ is a UFD. Now that we have established that $\mathbb{Z}_{(p)}[x]$ is a UFD, we need to determine the relationship between factorizations in $\mathbb{Z}_{(p)}[x]$ and factorizations in $\mathbb{Z}_{p^k}[x]$. (This is done in Section 3.3.) To do this we introduce a non-archimedean metric as well as an alternate way of viewing $p$-adic numbers.
Definition 3.6  A metric $\delta$ is called non-archimedean if and only if

$$\delta(x + y) \le \max\big(\delta(x), \delta(y)\big).$$

Definition 3.7  We define the function $v_p$ by the following equation:

$$v_p(a) = \begin{cases} v & \text{if } a \neq 0 \text{ and } p^v \text{ is the largest power of } p \text{ dividing } a \\ \infty & \text{if } a = 0 \end{cases}$$

The function $v_p$ is usually called a valuation. It is easy to see that the function $p^{-v_p(a)}$ defines a non-archimedean metric on the $p$-adic integers. Let $\delta_p$ represent this $p$-adic metric.

With this metric in hand, we can form a more convenient representation of a $p$-adic integer. For any $a = (x_0, x_1, x_2, \ldots) \in \mathbb{Z}_{(p)}$ in canonical form we can write $a$ as the following sum:

$$a = \sum_{i \ge 0} \beta_i p^i$$

where $\beta_0 = x_0$ and $\beta_i p^i = x_i - x_{i-1}$ for $i \ge 1$, so that $\beta_i$ is the digit $a_i$ of the canonical form. Normally this series would diverge, but with our $p$-adic metric larger powers of $p$ result in smaller values of the metric. Let $S_n$ denote the sum of the first $n$ terms of $a$; then $S_n = x_{n-1}$ and $\delta_p(a - S_n) \le p^{-n}$. Hence our sum converges and our representation for $a$ is well defined.
3.2  Resultants

Recall that in order to use Hensel's Lemma to lift a factorization of some polynomial $f$, we require $f$ to have a factorization into a product of at least two relatively prime polynomials mod $p$. We would like to be able to detect the 'difficult' cases where $f$ is a power of a single irreducible polynomial mod $p$. The following material is outlined in [CLO92]. For an excellent description of how resultants, discriminants, and polynomial greatest common divisors are computed, see [Akr89].

Lemma 3.8  Let $f, g \in \mathbb{Z}[x]$ be polynomials of degrees $l > 0$ and $m > 0$ respectively. Then $f$ and $g$ have a common factor of positive degree if and only if there are polynomials $A, B \in \mathbb{Z}[x]$ such that

1. $A$ and $B$ are not both zero;

2. $A$ has degree at most $m - 1$ and $B$ has degree at most $l - 1$;

3. $Af + Bg = 0$.

Proof:  [CLO92] Assume $f$ and $g$ have a common factor $h \in \mathbb{Z}[x]$ of positive degree. Then $f = hf_1$ and $g = hg_1$ where $f_1, g_1 \in \mathbb{Z}[x]$. We see

$$g_1 f + (-f_1) g = g_1 h f_1 - f_1 h g_1 = 0.$$

So $A = g_1$ and $B = -f_1$ are as required. Now assume that polynomials $A$ and $B$ have the three above properties. By (1) and (3), $B \neq 0$. Proceed by contradiction and assume that $f$ and $g$ have no common factor. Then they are relatively prime and we can find polynomials $A'$ and $B'$ (in $\mathbb{Q}[x]$) such that $A'f + B'g = 1$. Multiplying by $B$ and keeping in mind the fact that $Bg = -Af$ we see that

$$\begin{aligned} B &= (A'f + B'g)B \\ &= A'Bf + B'Bg \\ &= A'Bf - B'Af \\ &= (A'B - B'A)f. \end{aligned}$$

But $B$ is nonzero and from the last equation must have degree at least that of $f$, namely $l$. This contradicts (2). Hence $f$ and $g$ must have a common factor of positive degree. ■

Now given $f$ and $g$ we would like to see if we can compute such an $A$ and $B$ to determine whether they do indeed have a common factor. This problem reduces to solving the following system of linear equations. Let

$$A = c_0 x^{m-1} + \cdots + c_{m-1}$$
$$B = d_0 x^{l-1} + \cdots + d_{l-1}$$

where the coefficients of the polynomials should be thought of as unknowns. We want to find a solution such that the equation $Af + Bg = 0$ holds. To do this we also write out $f$ and $g$:

$$f = a_0 x^l + \cdots + a_l, \qquad a_0 \neq 0$$
$$g = b_0 x^m + \cdots + b_m, \qquad b_0 \neq 0.$$

Substituting appropriately we obtain the following rather large system of linear equations:

$$\begin{aligned} a_0 c_0 + b_0 d_0 &= 0 &&\text{coefficient of } x^{l+m-1} \\ a_1 c_0 + a_0 c_1 + b_1 d_0 + b_0 d_1 &= 0 &&\text{coefficient of } x^{l+m-2} \\ &\;\;\vdots \\ a_l c_{m-1} + b_m d_{l-1} &= 0 &&\text{coefficient of } x^0. \end{aligned}$$

This is an appropriate time to introduce the Sylvester matrix.

Definition 3.9  Given polynomials $f, g$ as above, the Sylvester matrix of $f$ and $g$ is the coefficient matrix of the above system of equations. We denote this Sylvester matrix by $S(f, g)$; it is the $(l + m) \times (l + m)$ matrix whose first $m$ columns (those of the unknowns $c_0, \ldots, c_{m-1}$) contain the coefficient vector $(a_0, \ldots, a_l)$ of $f$ shifted down by $0, 1, \ldots, m-1$ positions, and whose last $l$ columns (those of $d_0, \ldots, d_{l-1}$) contain the coefficient vector $(b_0, \ldots, b_m)$ of $g$ shifted down by $0, 1, \ldots, l-1$ positions; the empty spaces are filled by zeros. The resultant of $f$ and $g$ with respect to $x$, denoted $\mathrm{Res}(f, g)$, is the determinant of the Sylvester matrix. Hence,

$$\mathrm{Res}(f, g) = \det\big(S(f, g)\big).$$
An immediate result of the preceding discussion is the following proposition:

Proposition 3.10  Given $f, g \in \mathbb{Z}[x]$ of positive degree, the resultant $\mathrm{Res}(f, g) \in \mathbb{Z}$ is an integer polynomial in the coefficients of $f$ and $g$. Furthermore, $f$ and $g$ have a common factor of positive degree in $\mathbb{Z}[x]$ if and only if $\mathrm{Res}(f, g) = 0$.

Proof:  [CLO92] The resultant is zero $\iff$ the coefficient matrix of the system of equations has zero determinant $\iff$ the system of equations has a nonzero solution, which by Lemma 3.8 happens exactly when $f$ and $g$ have a common factor. ■

Another important consequence of resultants is the following proposition:

Proposition 3.11  Given $f, g \in \mathbb{Z}[x]$ of positive degree, there are polynomials $A, B \in \mathbb{Z}[x]$ such that $Af + Bg = \mathrm{Res}(f, g)$.

Proof:  We have previously analyzed a case where we were searching for a solution to the equation $Af + Bg = 0$. Now we analyze the case where we want a solution to the equation $A'f + B'g = 1$. We form the following similar system of equations:

$$\begin{aligned} a_0 c_0 + b_0 d_0 &= 0 &&\text{coefficient of } x^{l+m-1} \\ a_1 c_0 + a_0 c_1 + b_1 d_0 + b_0 d_1 &= 0 &&\text{coefficient of } x^{l+m-2} \\ &\;\;\vdots \\ a_l c_{m-1} + b_m d_{l-1} &= 1 &&\text{coefficient of } x^0. \end{aligned}$$

Cramer's rule can be used to solve this system of equations, resulting in a solution of the following form (the details are worked out in [CLO92]):

$$A' = \frac{1}{\mathrm{Res}(f, g)}\, A, \qquad B' = \frac{1}{\mathrm{Res}(f, g)}\, B$$

with $A, B \in \mathbb{Z}[x]$. Multiplying through by $\mathrm{Res}(f, g)$ we see that

$$Af + Bg = \mathrm{Res}(f, g).$$

■

To summarize, given $f, g \in \mathbb{Z}[x]$, $\mathrm{Res}(f, g) \neq 0$ if and only if $f$ and $g$ are coprime. We also know that we can find polynomials $A$ and $B$ such that $Af + Bg = \mathrm{Res}(f, g)$. Furthermore, when $\mathrm{Res}(f, g) \neq 0$, for any polynomial $h \in \mathbb{Z}[x]$ with $\deg(h) < l + m$ there exist uniquely determined polynomials $A$ and $B$ with $\deg A < m$ and $\deg B < l$ such that $\mathrm{Res}(f, g)\, h = Af + Bg$. The uniqueness of $A$ and $B$ comes from the fact that $h$ has degree less than $l + m$: the degree of $h$ ensures that the system of equations we have to solve has the same shape as the two others introduced in this section.
3.3  The correspondence to factoring over the $p$-adics

Definition 3.12  Let $f = a_0 x^l + \cdots + a_l \in \mathbb{Z}[x]$. The discriminant of $f$ is defined as follows:

$$\mathrm{disc}(f) = \frac{(-1)^{l(l-1)/2}}{a_0}\, \mathrm{Res}(f, f')$$

where $f'$ is the derivative of $f$.

It is well known that $f$ is square-free if and only if its discriminant is non-zero.

Notation 3.13  Let $g, h \in \mathbb{Z}[x]$. Then $r(g, h) = v_p(\mathrm{res}(g, h))$ and $d(g) = v_p(\mathrm{disc}(g))$, where $\mathrm{disc}(g)$ is the discriminant of $g$.
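As an added example, not from the paper or [CLO92], the following Python code builds the Sylvester matrix of Definition 3.9 as described there (coefficient vectors shifted into $m$ and then $l$ columns, zeros elsewhere), evaluates $\mathrm{Res}(f, g)$ as an exact integer determinant, and from it the discriminant of Definition 3.12 and the valuations $r(g, h)$ and $d(g)$ of Notation 3.13. Coefficients are listed highest degree first, matching $f = a_0 x^l + \cdots + a_l$; the inputs are constructed and the function names are mine. On $f = x^2 + 1$ it reports $\mathrm{disc}(f) = -4$, so $d(f) = 2$ for $p = 2$ (where $f \equiv (x+1)^2$) and $d(f) = 0$ for $p = 5$ (where $f \equiv (x+2)(x+3)$ with coprime factors).

```python
def poly_derivative(f):
    """Derivative of f given highest degree first (a_0 x^l + ... + a_l)."""
    l = len(f) - 1
    return [a * (l - i) for i, a in enumerate(f[:-1])] or [0]


def sylvester(f, g):
    """Sylvester matrix S(f, g) of Definition 3.9: m rows holding the coefficients of f
    shifted right by 0..m-1, then l rows holding those of g shifted right by 0..l-1.
    (Rows here play the role of the columns in the text; the determinant is the same.)"""
    l, m = len(f) - 1, len(g) - 1
    n = l + m
    rows = [[0] * i + list(f) + [0] * (n - l - 1 - i) for i in range(m)]
    rows += [[0] * i + list(g) + [0] * (n - m - 1 - i) for i in range(l)]
    return rows


def det_int(matrix):
    """Exact integer determinant by Bareiss fraction-free elimination (no rounding)."""
    a = [row[:] for row in matrix]
    n, sign, prev = len(a), 1, 1
    for k in range(n - 1):
        if a[k][k] == 0:
            pivot = next((i for i in range(k + 1, n) if a[i][k] != 0), None)
            if pivot is None:
                return 0
            a[k], a[pivot] = a[pivot], a[k]
            sign = -sign
        for i in range(k + 1, n):
            for j in range(k + 1, n):
                a[i][j] = (a[i][j] * a[k][k] - a[i][k] * a[k][j]) // prev
        prev = a[k][k]
    return sign * a[-1][-1]


def resultant(f, g):
    """Res(f, g) = det S(f, g); zero iff f and g share a factor of positive degree."""
    return det_int(sylvester(f, g))


def discriminant(f):
    """disc(f) = (-1)^{l(l-1)/2} Res(f, f') / a_0 (Definition 3.12); the division is exact."""
    l, a0 = len(f) - 1, f[0]
    res = resultant(f, poly_derivative(f))
    sign = -1 if (l * (l - 1) // 2) % 2 else 1
    return sign * res // a0


def v_p(a, p):
    """Valuation of Definition 3.7: exponent of the largest power of p dividing a;
    None stands in for the paper's infinity at a = 0."""
    if a == 0:
        return None
    a, v = abs(a), 0
    while a % p == 0:
        a //= p
        v += 1
    return v


def r_val(g, h, p):
    """r(g, h) = v_p(res(g, h)) of Notation 3.13."""
    return v_p(resultant(g, h), p)


def d_val(f, p):
    """d(f) = v_p(disc(f)) of Notation 3.13; d(f) > 0 means disc(f) vanishes mod p, i.e.
    f is not square-free mod p (when p does not divide a_0), the case Hensel's Lemma
    (Theorem 2.10) cannot handle."""
    return v_p(discriminant(f), p)


if __name__ == "__main__":
    f = [1, 0, 1]                                   # x^2 + 1, constructed input
    print(resultant(f, poly_derivative(f)))         # 4
    print(discriminant(f), d_val(f, 2), d_val(f, 5))  # -4 2 0
    print(resultant([1, 0, -1], [1, -1]))           # 0: x^2 - 1 and x - 1 share x - 1
```

`r_val(x + 2, x + 3, 5)` is `None` only if the two inputs share a factor over $\mathbb{Z}$; for the coprime pair lifted in Section 2.4 it returns $0$, which is the condition $k > 2r(u, w)$ of Theorem 3.14 below holding for every $k \ge 1$.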

Now  we  can  prove  the  major  technical  theorem  of  this  section: 

Theorem  3.14  [Hensel’s  Lemma  II]  Let,  p  6  Z  prime  k  6  N  and  f,u,w 
£  Z\x\  he  polynomials  of  degrees  n+m,  n,  and  m  respectively  with  the  following 
properties 

1.  f  =  nil}  modpfc  and  the  leading  coefficients  (Ic)  of  f  and  uw  are  equal 

2.  the  resultant,  res(it,w)  is  nonzero 

3.  k>2r(u,w) 

Then  there  are  polynomials  g,  h  £  Z^[x]  such  that 

f  —  gh,  e  Zw\x],g  =  u  mod  pk~T^'"\h  =  w  mod  pk~rM 

Proof: [vzGH96a] Set $\rho = r(u,w)$. We will inductively construct polynomials $\varphi_i$ and $\psi_i \in \mathbb{Z}[x]$ such that if

\[
f \equiv ab \bmod p^{k+i-1}
\]

with $a, b \in \mathbb{Z}[x]$ such that $a \equiv u \bmod p^{k-\rho}$ and $b \equiv w \bmod p^{k-\rho}$, then

\[
f \equiv (a + p^{k-\rho+i-1}\varphi_i)(b + p^{k-\rho+i-1}\psi_i) \bmod p^{k+i}.
\]

Note that if we can do this then we will have proved the claim. If we have such polynomials for every $i > 0$, then we can sum over all positive $i$, and we will have a polynomial with $p$-adic coefficients that satisfies the above claims. It is important to realize that the infinite sum does not result in an element of the ring of formal power series. This is because the $\varphi_i$ and $\psi_i$ have bounded degrees, and only the coefficients of the resulting sum can be thought of as infinite sums.

Assume that $f \equiv uw \bmod p^k$, $i \geq 1$, and $a, b \in \mathbb{Z}[x]$ are already constructed such that $f \equiv ab \bmod p^{k+i-1}$. Then $f = ab + p^{k+i-1} l$ where $l \in \mathbb{Z}[x]$ and $\deg(l) < n + m$ since $\mathrm{lc}(ab) = \mathrm{lc}(f)$. Notice that $a \equiv u \bmod p^{k-\rho}$ and $b \equiv w \bmod p^{k-\rho}$. Also, $k - \rho > \rho$, so $a$ is equivalent to $u$ and $b$ is equivalent to $w$ modulo a higher power than the largest power of $p$ dividing the resultant of $u$ and $w$. Thus $r(a,b)$ can be no larger than $r(u,w)$ (if it were larger, then we could calculate $r(a,b)$ and mod out by $p^{k-\rho}$ to find a larger $r(u,w)$). Since they are equivalent modulo $p^{k-\rho}$, $r(a,b) \geq r(u,w)$. Hence $r(a,b) = r(u,w)$. Now we can use Proposition 3.11 to find $\varphi_i$ and $\psi_i \in \mathbb{Z}[x]$ of degrees less than $m, n$ such that

\[
p^{\rho} l = a\psi_i + b\varphi_i
\]

and thus $p^{\rho} l \equiv a\psi_i + b\varphi_i$ mod

Then we see

\[
\begin{aligned}
f - (a + p^{k-\rho+i-1}\varphi_i)(b + p^{k-\rho+i-1}\psi_i)
&= f - ab - p^{k-\rho+i-1}(a\psi_i + b\varphi_i) - p^{2k-2\rho+2i-2}\varphi_i\psi_i \\
&= p^{k+i-1} l - p^{k-\rho+i-1}\, p^{\rho} l - p^{2k-2\rho+2i-2}\varphi_i\psi_i \\
&\equiv 0 \bmod p^{k+i}
\end{aligned}
\]

because $i \geq 1$ and $k > 2\rho$. We do this for all $i > 0$ in order to construct the following polynomials:

\[
g = u + \sum_{i \geq 1} p^{k-\rho+i-1}\varphi_i, \qquad h = w + \sum_{i \geq 1} p^{k-\rho+i-1}\psi_i .
\]

Expanding out the above sums reveals that $g$ and $h$ have coefficients which are infinite sums that correspond to $p$-adic integers. Almost magically, $f = gh$ over $\mathbb{Z}_{(p)}[x]$ since $f \equiv gh \bmod p^k$ for all $k$. By our above construction, $g \equiv u \bmod p^{k-\rho}$ and $h \equiv w \bmod p^{k-\rho}$. ■
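The inductive construction in the proof of Theorem 3.14 can be run as an algorithm. The following Python code is an added example, not code from the paper or from [vzGH96a]: it lifts a factorization $f \equiv gh \bmod p$ of monic polynomials step by step to $f \equiv GH \bmod p^k$, choosing the corrections at each step from a Bézout identity $sg + th \equiv 1 \bmod p$ (which plays the role of Proposition 3.11 in the case $r(g,h) = 0$). Polynomials are lists of integer coefficients, lowest degree first; the sample $x^2 + 1 \equiv (x+2)(x+3) \bmod 5$ is constructed for illustration.

```python
from itertools import zip_longest

def trim(a):
    """Coefficient lists are low-to-high (a[i] is the x^i coefficient); drop leading zeros."""
    a = list(a)
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a

def add(a, b):
    return trim([x + y for x, y in zip_longest(a, b, fillvalue=0)])

def sub(a, b):
    return trim([x - y for x, y in zip_longest(a, b, fillvalue=0)])

def mul(a, b):
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return trim(out)

def reduce_mod(a, m):
    return trim([c % m for c in a])

def divmod_modp(a, b, p):
    """Polynomial long division over Z_p; b must be non-zero mod p."""
    r = [c % p for c in a]
    b = reduce_mod(b, p)
    inv = pow(b[-1], -1, p)
    q = [0] * max(len(r) - len(b) + 1, 1)
    for i in range(len(r) - len(b), -1, -1):
        coef = (r[i + len(b) - 1] * inv) % p
        q[i] = coef
        for j, bc in enumerate(b):
            r[i + j] = (r[i + j] - coef * bc) % p
    return trim(q), trim(r)

def bezout_modp(a, b, p):
    """Extended Euclid over Z_p: (s, t) with s*a + t*b = 1 (mod p); needs gcd(a, b) = 1 mod p."""
    r0, r1 = reduce_mod(a, p), reduce_mod(b, p)
    s0, s1, t0, t1 = [1], [0], [0], [1]
    while r1 != [0]:
        q, r = divmod_modp(r0, r1, p)
        r0, r1 = r1, r
        s0, s1 = s1, reduce_mod(sub(s0, mul(q, s1)), p)
        t0, t1 = t1, reduce_mod(sub(t0, mul(q, t1)), p)
    if len(r0) != 1 or r0[0] == 0:
        raise ValueError("the two factors are not coprime mod p")
    inv = pow(r0[0], -1, p)
    return reduce_mod([c * inv for c in s0], p), reduce_mod([c * inv for c in t0], p)

def hensel_lift(f, g, h, p, k):
    """Lift f = g*h (mod p) to f = G*H (mod p^k) with G = g, H = h (mod p).
    f, g, h are monic integer polynomials and g, h are coprime mod p, so the
    p-adic factorization of Theorem 3.14 exists and r(g, h) = 0."""
    s, t = bezout_modp(g, h, p)              # s*g + t*h = 1 (mod p)
    G, H = reduce_mod(g, p), reduce_mod(h, p)
    for i in range(1, k):
        q = p ** i
        diff = sub(f, mul(G, H))               # divisible by p^i by the induction
        e = reduce_mod([c // q for c in diff], p)
        # corrections a, b with a*H + b*G = e (mod p): a = e*t mod G, b = e*s mod H;
        # the degree bounds deg a < deg G, deg b < deg H keep G and H monic
        _, a = divmod_modp(mul(e, t), G, p)
        _, b = divmod_modp(mul(e, s), H, p)
        G = reduce_mod(add(G, [q * c for c in a]), q * p)
        H = reduce_mod(add(H, [q * c for c in b]), q * p)
    return G, H

def is_factorization(f, G, H, modulus):
    """True when f = G*H (mod modulus)."""
    return reduce_mod(sub(f, mul(G, H)), modulus) == [0]

if __name__ == "__main__":
    # Constructed sample: x^2 + 1 = (x + 2)(x + 3) (mod 5), lifted to mod 5^3 = 125.
    f, g, h = [1, 0, 1], [2, 1], [3, 1]
    G, H = hensel_lift(f, g, h, 5, 3)
    print(G, H, is_factorization(f, G, H, 125))   # [57, 1] [68, 1] True
```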
Theorem 3.15 Condition (c) is true if $k > \mathrm{disc}(f)$.

Proof: The proof, found in both [vzGH96a] and [BS66], goes as follows. Let $f = gh$ with $g, h \in \mathbb{Z}_{(p)}[x]$. Then

\[
\mathrm{disc}(f) = \mathrm{disc}(gh) = \mathrm{disc}(g)\,\mathrm{disc}(h)\,\mathrm{res}(g,h)^2 .
\]

Thus $d(f) = d(g) + d(h) + 2r(g,h) \geq 2r(g,h)$. Since the discriminant and the resultant are polynomials in the coefficients of $f, g, h$, the same is true for factorizations over $\mathbb{Z}_{p^k}$. ■

Hence, for any polynomial whose discriminant is small compared to the power of the prime, we know the following: any factorization $f \equiv gh \bmod p^k$ corresponds to a unique factorization over the $p$-adics. This factorization $f = gh \in \mathbb{Z}_{(p)}[x]$ is equivalent to $gh \bmod p^{k-r(g,h)}$. In essence, given any two factorizations $f \equiv gh \bmod p^k$ and $f \equiv g'h' \bmod p^k$, $gh \equiv g'h' \bmod p^{k-r(g',h')}$. We note that von zur Gathen formalizes this in the following way:

Proposition 3.16 Let $f = \prod_{1 \leq i \leq l} g_i$ over $\mathbb{Z}_{(p)}$, $\mathrm{disc}(f) \neq 0$, $l \geq 1$ and $g_i \in \mathbb{Z}_{(p)}[x]$ monic and irreducible for $1 \leq i \leq l$. Let $f \equiv gh \bmod p^k$ with $g, h \in \mathbb{Z}[x]$ monic and $k > d(f)$. Then there exists a partition $\{1, \ldots, l\} = S \cup S'$ such that $g \equiv \prod_{i \in S} g_i \bmod p^{k-\rho}$ and $h \equiv \prod_{j \in S'} g_j$, with $\rho = r\bigl(\prod_{i \in S} g_i, \prod_{j \in S'} g_j\bigr)$. If $g$ is irreducible over $\mathbb{Z}_{p^k}[x]$ then there exists $1 \leq i \leq l$ such that $g \equiv g_i$ mod

Proof: The proof follows immediately from Theorem 3.14. Given some factorization $f \equiv gh \bmod p^k$, we can lift this to a factorization $f = gh$. But factorization over $\mathbb{Z}_{(p)}[x]$ is unique, hence the irreducible factors of $f$ are partitioned among $g$ and $h$, and hence among their respective projections mod $p^{k-r(g,h)}$.

3.4 An improved factorization method

Now we can give a much better algorithm for computing all of the factorizations of some $f \bmod p^k$. First we need to calculate one factorization into irreducibles of $f \bmod p^k$. Sometimes this can be done by a complicated set of lifting procedures (see Appendix A) or by Chistov's algorithm [Chi94] for computing the factorization of a polynomial over a local ring (namely the $p$-adics in this case). Chistov's algorithm gives us a factorization in $\mathbb{Z}_{(p)}[x]$, but we can simply reduce all of the factors mod $p^k$ to retrieve a factorization into irreducibles mod $p^k$.

In order to determine all factorizations we need to solve some systems of linear equations. They are considerably simpler, however, because of Theorem 3.14. Given $f \in \mathbb{Z}[x]$ and a factorization $f \equiv \prod_{1 \leq i \leq l} g_i \bmod p^k$, we know for each irreducible factor $u$ of $f$ over $\mathbb{Z}_{p^k}[x]$ that $u \equiv g_i \bmod p^{k-r(u,h)}$ where $h = f/g_i$. Hence any factorization of $f$ must correspond to a solution of the equation found in [vzGH96a],

\[
\begin{aligned}
f &\equiv (g_i + p^{k-r(g_i,h)}\varphi)(h + p^{k-r(g_i,h)}\psi) \bmod p^k \\
p^{k-r(g_i,h)}(\varphi h + \psi g_i) + p^{2k-2r(g_i,h)}\varphi\psi &\equiv 0 \bmod p^k \\
\varphi h + \psi g_i &\equiv 0 \bmod p^{r(g_i,h)}
\end{aligned}
\]

that is, in terms of the Sylvester matrix $S(g_i,h)$,

\[
S(g_i,h)\begin{pmatrix} \varphi_{m-1} \\ \vdots \\ \varphi_0 \\ \psi_{n-1} \\ \vdots \\ \psi_0 \end{pmatrix} \equiv 0 \bmod p^{r(g_i,h)}
\]

where

\[
\varphi = \sum_{0 \leq i < m} \varphi_i x^i, \qquad \psi = \sum_{0 \leq i < n} \psi_i x^i .
\]

Any solution to the above equation corresponds to a factorization mod $p^k$. After finding all solutions, we can set $g_i = g_{i+1}$ and $h = h/g_{i+1}$, and solve another system of equations until we have found all possible irreducible factors. If at each step there are at most $N$ different solutions found, then we could conceivably have $N^l$ distinct factorizations into irreducibles, since choosing any set of $l$ factors (one from a possible $N$ at every step) will result in a factorization of $f \bmod p^k$. Fortunately, there are polynomial time algorithms to put the above Sylvester matrix in Smith normal form, giving us a relatively easy method for solving the system of equations and preserving solutions mod $p^k$.
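As an added example (not the paper's code) serving both the Bézout identity $Af + Bg = \mathrm{Res}(f,g)$ of Section 3.2 and the residual system of this section, the Python code below builds the Sylvester matrix, obtains $A, B$ by Cramer's rule with integer determinants, and then enumerates every solution $(\varphi,\psi)$ of $\varphi h + \psi g \equiv 0 \bmod p^{r(g,h)}$ by exhaustive search (a brute-force stand-in for the Smith normal form computation), turning each into a factorization mod $p^k$. The sample polynomials and the values of $p$ and $k$ are constructed; coefficient lists are lowest degree first.

```python
from itertools import product, zip_longest

def trim(a):
    """Coefficient lists are low-to-high (a[i] is the x^i coefficient); drop leading zeros."""
    a = list(a)
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a

def add(a, b):
    return trim([x + y for x, y in zip_longest(a, b, fillvalue=0)])

def sub(a, b):
    return trim([x - y for x, y in zip_longest(a, b, fillvalue=0)])

def mul(a, b):
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return trim(out)

def reduce_mod(a, m):
    return trim([c % m for c in a])

def sylvester(f, g):
    """Sylvester matrix S(f, g): deg(g) shifted rows of f over deg(f) shifted rows of g."""
    l, m = len(f) - 1, len(g) - 1
    n = l + m
    rows = [[0] * i + f[::-1] + [0] * (n - l - 1 - i) for i in range(m)]
    rows += [[0] * i + g[::-1] + [0] * (n - m - 1 - i) for i in range(l)]
    return rows

def det(M):
    """Fraction-free (Bareiss) determinant of an integer matrix."""
    M = [row[:] for row in M]
    n, sign, prev = len(M), 1, 1
    for k in range(n - 1):
        if M[k][k] == 0:
            piv = next((i for i in range(k + 1, n) if M[i][k] != 0), None)
            if piv is None:
                return 0
            M[k], M[piv] = M[piv], M[k]
            sign = -sign
        for i in range(k + 1, n):
            for j in range(k + 1, n):
                M[i][j] = (M[i][j] * M[k][k] - M[i][k] * M[k][j]) // prev
        prev = M[k][k]
    return sign * M[n - 1][n - 1]

def bezout_resultant(f, g):
    """Cramer's rule on the system c.S(f,g) = (0,...,0,1): returns (A, B, R) with
    A*f + B*g = R = Res(f, g), deg A < deg g, deg B < deg f, integer coefficients."""
    S = sylvester(f, g)
    n, m = len(S), len(g) - 1
    R = det(S)
    unit = [0] * (n - 1) + [1]                                 # coefficient of x^0 must be 1
    c = [det(S[:j] + [unit] + S[j + 1:]) for j in range(n)]   # R times the a_i, b_i
    return trim(c[:m][::-1]), trim(c[m:][::-1]), R             # Sylvester rows are high-to-low

def val_p(n, p):
    r = 0
    while n % p == 0:
        n //= p
        r += 1
    return r

def all_factorizations(f, g, h, p, k):
    """Given monic f = g*h (mod p^k) with res(g,h) != 0 and k > 2r, r = v_p(res(g,h)),
    return every pair (G, H) with f = G*H (mod p^k), G = g and H = h (mod p^(k-r)).
    phi, psi have deg < deg g, deg < deg h and coefficients mod p^r; the condition
    phi*h + psi*g = 0 (mod p^r) is the Sylvester system of Section 3.4."""
    _, _, R = bezout_resultant(g, h)
    if R == 0:
        raise ValueError("g and h are not coprime")
    r = val_p(abs(R), p)
    if k <= 2 * r:
        raise ValueError("hypothesis k > 2 r(g, h) of Theorem 3.14 not met")
    pk, pr, shift = p ** k, p ** r, p ** (k - r)
    found = set()
    for phi in product(range(pr), repeat=len(g) - 1):
        for psi in product(range(pr), repeat=len(h) - 1):
            if reduce_mod(add(mul(list(phi), h), mul(list(psi), g)), pr) != [0]:
                continue
            G = reduce_mod(add(g, [shift * c for c in phi]), pk)
            H = reduce_mod(add(h, [shift * c for c in psi]), pk)
            assert reduce_mod(sub(f, mul(G, H)), pk) == [0]   # every solution factors f
            found.add((tuple(G), tuple(H)))
    return sorted(found)

if __name__ == "__main__":
    # Constructed samples: Bezout identity for x^2 + 1 and x + 2, then all
    # factorizations of x^2 - 1 = (x - 1)(x + 1) mod 2^3, where r = v_2(2) = 1.
    print(bezout_resultant([1, 0, 1], [2, 1]))                    # ([1], [2, -1], 5)
    print(all_factorizations([-1, 0, 1], [-1, 1], [1, 1], 2, 3))  # [((3, 1), (5, 1)), ((7, 1), (1, 1))]
```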

4 Factoring when the Discriminant is Zero

When $k$ is not bigger than $2\rho$ we cannot use the above machinery to help us in finding factorizations. As long as $\mathrm{disc}(f)$ is non-zero (as long as our polynomials have at least two coprime factors mod $p$) we have some way of computing at least one factorization. If the discriminant of our polynomial $f$ is zero, i.e., $f \equiv g^e \bmod p$ for some irreducible polynomial $g$, it is not clear how to even lift this factorization to one mod $p^k$. This section will look at these rather unfortunate cases outlined in [vzGH96b].

4.1 Lifting conditions

Theorem 4.1 [vzGH96b] Let $f \equiv uw \bmod p^k$, $f \equiv g^e \bmod p$, $g$ irreducible over $\mathbb{Z}_p[x]$ and $e \geq 2$, $k \geq 1$ with $u, w \in \mathbb{Z}[x]$ monic and $u \equiv g^l \bmod p$, $w \equiv g^{e-l} \bmod p$ for some $l \leq e/2$. Then the following are equivalent:

(i) $(f - uw)/p^k \in \mathbb{Z}[x]$ is, over $\mathbb{Z}_p$, divisible by $g^l$.

(ii) For every $\varphi \in \mathbb{Z}[x]$ with $\deg(\varphi) < \deg(u)$ there exists a polynomial $\psi \in \mathbb{Z}[x]$ with $\deg(\psi) < \deg(w)$ such that $f \equiv (u + p^k\varphi)(w + p^k\psi) \bmod p^{k+1}$.

(iii) There exist polynomials $\varphi, \psi \in \mathbb{Z}[x]$ with $\deg(\varphi) < \deg(u)$ and $\deg(\psi) < \deg(w)$ such that $f \equiv (u + p^k\varphi)(w + p^k\psi) \bmod p^{k+1}$.

(iv) There exist polynomials $\varphi, \psi \in \mathbb{Z}[x]$ with $f \equiv (u + p^k\varphi)(w + p^k\psi) \bmod p^{k+1}$.

Proof: (i) $\Rightarrow$ (ii). Let $(f - uw)/p^k \equiv g^l\alpha \bmod p$ with $\alpha \in \mathbb{Z}[x]$, and let $\varphi, \psi \in \mathbb{Z}[x]$ with $\deg(\varphi) < \deg(u)$ and $\psi \equiv \alpha - g^{e-2l}\varphi \bmod p$. Notice

\[
\begin{aligned}
f - (u + p^k\varphi)(w + p^k\psi)
&\equiv f - uw - p^k(\varphi w + \psi u) \\
&\equiv f - uw - p^k\bigl(\varphi g^{e-l} + (\alpha - g^{e-2l}\varphi)g^l\bigr) \\
&\equiv f - uw - p^k g^l\alpha \\
&\equiv 0 \bmod p^{k+1} .
\end{aligned}
\]

(ii) $\Rightarrow$ (iii) $\Rightarrow$ (iv). We are left with (iv) $\Rightarrow$ (i). Let $\varphi, \psi \in \mathbb{Z}[x]$ with $f \equiv (u + p^k\varphi)(w + p^k\psi) \bmod p^{k+1}$. Then

\[
\frac{f - uw}{p^k} \equiv \varphi w + \psi u \equiv \varphi g^{e-l} + \psi g^l \equiv g^l\bigl(\varphi g^{e-2l} + \psi\bigr) \bmod p .
\]
With this in hand we can show a certain class of polynomials to be irreducible mod $p^k$ for all $k \geq 2$.

Definition 4.2 We call $f = \sum_{0 \leq i \leq n} a_i x^i \in \mathbb{Z}[x]$ an Eisenstein polynomial if $a_n = 1$, $a_i \equiv 0 \bmod p$ for $0 \leq i < n$, and $a_0 \not\equiv 0 \bmod p^2$.

Corollary 4.3 Let $p \in \mathbb{Z}$ be prime and $f \in \mathbb{Z}[x]$ an Eisenstein polynomial. Then $f$ is irreducible mod $p^k$ for all $k \geq 2$.

Proof: [vzGH96b] Since $f$ is Eisenstein, $f \equiv x^n \bmod p$. In this case, $g = x$. Let $1 \leq l \leq n/2$. Then

\[
f - x^l \cdot x^{n-l} = \sum_{0 \leq i < n} a_i x^i .
\]

But $a_0 \not\equiv 0 \bmod p^2$, so the constant term of $(f - x^l x^{n-l})/p$ is non-zero mod $p$ and $x^l$ cannot divide it. We fail criterion (i) in Theorem 4.1, so $f$ cannot be lifted to a factorization in $\mathbb{Z}_{p^2}[x]$. Thus $f$ must be irreducible mod $p^k$ for all $k$, since if it were reducible mod $p^k$ for some $k \geq 3$ we could simply reduce the factors mod $p^2$ and find a factorization mod $p^2$. ■
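The following Python code is an added example, not code from the paper or from [vzGH96b]. It implements criterion (i) of Theorem 4.1 together with the lifting step from its proof ((i) $\Rightarrow$ (ii)), and checks Corollary 4.3 on a constructed Eisenstein polynomial $x^3 + 3x + 3$ beside a non-Eisenstein one, $x^3 + 9x + 9$, at $p = 3$. Polynomials are integer coefficient lists, lowest degree first; as in the proof of the corollary, $u = x^l$, $w = x^{n-l}$ and $g = x$.

```python
from itertools import zip_longest

def trim(a):
    """Coefficient lists are low-to-high (a[i] is the x^i coefficient); drop leading zeros."""
    a = list(a)
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a

def add(a, b):
    return trim([x + y for x, y in zip_longest(a, b, fillvalue=0)])

def sub(a, b):
    return trim([x - y for x, y in zip_longest(a, b, fillvalue=0)])

def mul(a, b):
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return trim(out)

def reduce_mod(a, m):
    return trim([c % m for c in a])

def divmod_monic_modp(a, b, p):
    """Long division over Z_p by a monic divisor b; returns (quotient, remainder)."""
    r = [c % p for c in a]
    b = reduce_mod(b, p)
    q = [0] * max(len(r) - len(b) + 1, 1)
    for i in range(len(r) - len(b), -1, -1):
        coef = r[i + len(b) - 1]
        q[i] = coef
        for j, bc in enumerate(b):
            r[i + j] = (r[i + j] - coef * bc) % p
    return trim(q), trim(r)

def power(a, e):
    out = [1]
    for _ in range(e):
        out = mul(out, a)
    return out

def lift_criterion(f, u, w, p, k, g, l):
    """Criterion (i) of Theorem 4.1 for f = u*w (mod p^k): is (f - u*w)/p^k, reduced
    mod p, divisible by g^l over Z_p?  Returns the quotient alpha if so, else None."""
    diff = sub(f, mul(u, w))
    q = p ** k
    if any(c % q for c in diff):
        raise ValueError("f is not congruent to u*w mod p^k")
    reduced = reduce_mod([c // q for c in diff], p)
    alpha, rem = divmod_monic_modp(reduced, power(g, l), p)
    return alpha if rem == [0] else None

def lift_one_step(f, u, w, p, k, g, l, e, phi):
    """The (i) => (ii) construction: for any phi with deg phi < deg u, take
    psi = alpha - g^(e-2l)*phi (mod p) and return (u + p^k phi, w + p^k psi) mod p^(k+1),
    a factorization of f mod p^(k+1).  Returns None when criterion (i) fails."""
    alpha = lift_criterion(f, u, w, p, k, g, l)
    if alpha is None:
        return None
    psi = reduce_mod(sub(alpha, mul(power(g, e - 2 * l), phi)), p)
    q = p ** k
    U = reduce_mod(add(u, [q * c for c in phi]), q * p)
    W = reduce_mod(add(w, [q * c for c in psi]), q * p)
    assert reduce_mod(sub(f, mul(U, W)), q * p) == [0]   # the lifted pair really factors f
    return U, W

def is_eisenstein(f, p):
    """Definition 4.2: monic, all lower coefficients divisible by p, constant term not by p^2."""
    return f[-1] == 1 and all(c % p == 0 for c in f[:-1]) and f[0] % (p * p) != 0

if __name__ == "__main__":
    p = 3
    # Constructed samples: f1 = x^3 + 3x + 3 is Eisenstein at 3; f2 = x^3 + 9x + 9 is not
    # (constant term divisible by 9).  Both are x^3 = x * x^2 mod 3, so g = x, l = 1, e = 3.
    f1, f2 = [3, 3, 0, 1], [9, 9, 0, 1]
    u, w, g = [0, 1], [0, 0, 1], [0, 1]
    print(is_eisenstein(f1, p), lift_one_step(f1, u, w, p, 1, g, 1, 3, [1]))  # True None
    print(is_eisenstein(f2, p), lift_one_step(f2, u, w, p, 1, g, 1, 3, [1]))  # False ([3, 1], [0, 6, 1])
```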

4.2 Some examples

We can use the lifting criterion to create an (admittedly slow) algorithm for computing all the factorizations of a polynomial $f$ that equals $g^e \bmod p$ for some irreducible $g \bmod p$. Say we want to find all factorizations mod $p^k$. We choose $1 \leq l \leq e/2$, starting at $l = 1$, and see whether the factorization mod $p$ can be lifted to one mod $p^2$ by applying Theorem 4.1. At the lifting step for $p^2$ we make an arbitrary choice, namely we choose $\varphi$ such that $\varphi$ has degree less than $u$. This could be an unfortunate choice, however, because our choice of $\varphi$ may preclude the possibility of lifting mod $p^3$. In [vzGH96b] we see some interesting examples:

Example 4.4 Let $f = x^2 + 27x + 162$. Then $f \equiv x^2 \bmod 3$ and $(f - x^2)/3 \equiv 0 \bmod 3$.

Assume that we have chosen some $\varphi$ as above to lift this to a factorization mod 9. Then we have

\[
f \equiv (x + 3\varphi)(x + 3(-\varphi)) = (x + 3\varphi)(x + 6\varphi) \bmod 9
\]

where $0 \leq \varphi \leq 2$. Then

\[
\frac{f - (x + 3\varphi)(x + 6\varphi)}{9} \equiv 2(\varphi + \varphi^2) \bmod 3 .
\]

So we can only lift this factorization to one mod $3^3$ if $2(\varphi + \varphi^2) \equiv 0 \bmod 3$. This happens only when $\varphi = 0$ or $2$. Thus, had we chosen $\varphi = 1$, we would not be able to lift this factorization.

Unfortunately, this procedure can get rather complicated, as the next example will illustrate:

Example 4.5 Let $p = 3$, $f = x^{10}$, and $e = 10$.

After two lifting steps, we obtain the following factorization:

\[
f \equiv uw \bmod 81,
\]

where

\[
\begin{aligned}
u &= x^4 + 3\varphi_3 x^3 + 3\varphi_2 x^2 + 9\varphi_1 x + 9\varphi_0 , \\
w &= x^6 + 18\varphi_3 x^5 + (78\varphi_2 + 9\varphi_3^2)x^4 + (72\varphi_1 + 18\varphi_2\varphi_3 + 54\varphi_3)x^3 \\
  &\quad + (72\varphi_0 + 9\varphi_2^2 + 54\varphi_1\varphi_3)x^2 + (54\varphi_0\varphi_3 + 54\varphi_1\varphi_2)x + 54\varphi_0\varphi_2 + 54\varphi_1^2 ,
\end{aligned}
\]

and $0 \leq \varphi_i < 27$ for $i \in \{2, 3\}$, and $0 \leq \varphi_i < 9$ for $i \in \{0, 1\}$. Then

\[
\begin{aligned}
\frac{f - uw}{81} &\equiv 2\varphi_3 x^9 + 2\varphi_3^2 x^8 + (2\varphi_1 + 2\varphi_3)x^7 + (2\varphi_2 + 2\varphi_0 + \varphi_3)x^6 \\
&\quad + (2\varphi_1\varphi_3 + \varphi_1\varphi_2)x^5 + (2\varphi_2 + \varphi_1)x^4 \\
&\quad + (2\varphi_0\varphi_1 + \varphi_1^2\varphi_3)x^3 + (\varphi_0^2 + \varphi_1^2\varphi_2)x^2 \bmod 3 .
\end{aligned}
\]

From the above lemma, we can only lift this factorization if $g^l$ divides $(f - uw)/p^k \bmod p$. Hence we need the following to be true:

\[
2\varphi_0\varphi_1 + \varphi_1^2\varphi_3 \equiv 0 \bmod 3, \qquad \varphi_0^2 + \varphi_1^2\varphi_2 \equiv 0 \bmod 3 .
\]

These equations turn out to be satisfied if and only if $\varphi_2 \equiv 0 \bmod 3$ and $\varphi_3 \equiv 0 \bmod 3$. As the degree of $f$ gets larger, the difficulty of solving these equations to find all factorizations grows quickly. In fact, the biggest obstacle to computing these factorizations is to determine which parameters will allow for liftings to higher powers of $p$. It is not clear how to simultaneously satisfy all of the parameters at each step. Hence, the best algorithm known runs in exponential time, simply trying out all possible values for each parameter.
5 Further Algebraic Considerations

In this section we attempt to give some further purely algebraic considerations of factorizations in $\mathbb{Z}_{p^k}[x]$, partially outlined in [McD74]. We will prove results for a more general ring than $\mathbb{Z}_{p^k}[x]$ and show that all results apply to our case. All rings in this section are commutative and have identity; $(a)$ denotes the principal ideal generated by $a$.

5.1 Local rings

Definition 5.1 A local ring is a ring with a unique maximal ideal.

Example 5.2 $\mathbb{Z}_{(p)}$, $\mathbb{Z}_{p^k}$ and $\mathbb{Z}_{p^k}[x]$ are all local rings whose unique maximal ideal in all cases is $(p)$.

Recall that $R/\mathfrak{m}$, where $\mathfrak{m}$ is a maximal ideal of $R$, is actually a field. The field that results from taking $R/\mathfrak{m}$ where $\mathfrak{m}$ is our unique maximal ideal is called a local field. Let $\mathbb{k} = R/\mathfrak{m}$. Define the natural projection from $R[x]$ to $\mathbb{k}[x]$ by $\mu$. In $\mathbb{Z}_{p^k}[x]$, $\mu$ takes a polynomial in $\mathbb{Z}_{p^k}[x]$ and reduces all of its coefficients modulo $p$.

We need the following long string of definitions to continue this development. Some of the definitions are repeated from previous sections for clarity.

Definition 5.3 Let $f$ and $g \in R[x]$. Then

• $f$ is nilpotent if there is an integer $n$ such that $f^n = 0$.

• $f$ is a unit if there is a polynomial $h$ with $fh = 1$.

• $f$ is regular if $f$ is not a zero divisor.

• $f$ is prime if $(f)$ is a proper prime ideal.

• $f$ is irreducible if $f$ is not a unit and whenever $f = gh$ then $g$ or $h$ is a unit.

• $f$ is primary if $(f)$ is a primary ideal.

• $f$ and $g$ are associated if $(f) = (g)$.

• $f$ and $g$ are coprime if $R[x] = (f) + (g)$.

The following proposition gives us some simple characterizations for the above definitions:

Proposition 5.4 [McD74] Let $f = a_0 + a_1 x + \cdots + a_n x^n \in R[x]$.

1. The following are equivalent:

 (a) $f$ is a unit;

 (b) $\mu f$ is a unit;

 (c) $a_0$ is a unit and $a_1, \ldots, a_n$ are nilpotent.

2. The following are equivalent:

 (a) $f$ is nilpotent;

 (b) $\mu f = 0$;

 (c) $a_0, \ldots, a_n$ are nilpotent;

 (d) $f$ is a zero divisor;

 (e) there is a non-zero $a \in R$ with $af = 0$.

3. The following are equivalent:

 (a) $f$ is regular;

 (b) $(a_0, a_1, \ldots, a_n) = R$;

 (c) $a_i$ is a unit for some $0 \leq i \leq n$;

 (d) $\mu f \neq 0$.

Proof: The proofs of parts (1) and (2) follow immediately from Proposition 2.9 in the first section. Part (3) is quite easy as well. If $f$ is regular then it is not a zero divisor. Hence, we cannot 'factor' $p$ out of every coefficient. This implies that some $a_i \notin (p)$. Since $(p)$ is our unique maximal ideal, $a_i$ must be a unit. Since some $a_i$ is a unit, $(a_0, a_1, \ldots, a_n) = R$. Furthermore, since not all the coefficients are in $(p)$, our projection onto $\mathbb{k}[x]$ must be non-zero. Hence $\mu f \neq 0$. ■

5.2 Hensel's Lemma generalized

Now we can restate Hensel's Lemma in a more general setting:

Theorem 5.5 [Generalized Hensel's Lemma] Let $f \in R[x]$ and

\[
\mu f = \bar g_1 \cdots \bar g_n
\]

where $\bar g_1, \ldots, \bar g_n$ are pair-wise coprime. Then there exist $g_1, \ldots, g_n \in R[x]$ such that

1. $g_1, \ldots, g_n$ are pair-wise coprime;

2. $\mu g_i = \bar g_i$ for $1 \leq i \leq n$;

3. $f = g_1 \cdots g_n$.

Proof: The proof is identical to that of the first Hensel's Lemma. All of the details are in [McD74]. ■
5.3 Ideal decomposition

We build towards a nice characterization of all factorizations of a polynomial in such a ring. In order to do this, we need to apply some theorems from primary ideal decomposition found in [Hun74]. Before this, we make a few observations.

Lemma 5.6 Let $I, J$ be comaximal ideals of a ring $R$. Then $IJ = I \cap J$.

Proof: Recall that $IJ$ is the set of all finite sums of terms of the form $ij$ such that $i \in I$ and $j \in J$. $IJ \subseteq I \cap J$ since for $a \in IJ$, $a = rij$ for some $r \in R$, and thus $a = (ri)j$ and $a = (rj)i$. Now let $a \in I \cap J$. Since $I, J$ are comaximal, there exist $r_1, r_2 \in R$ such that $r_1 i + r_2 j = 1$. Hence $ar_1 i + ar_2 j = a$. But $a = ci$ and $a = bj$ for some $c, b \in R$. Thus $bjr_1 i + cir_2 j = a \Rightarrow ij(br_1 + cr_2) = a$. Hence $a \in IJ$. ■

Corollary 5.7 Let $I_1, I_2, \ldots, I_n$ be pair-wise comaximal ideals. Then it follows that

\[
I_1 I_2 \cdots I_n = I_1 \cap I_2 \cap \cdots \cap I_n .
\]

Definition 5.8 Let $I$ be an ideal of $R$. The radical of $I$, denoted $\mathrm{Rad}\,I$, is the intersection over all prime ideals $P$ that contain $I$. If the set of prime ideals containing $I$ is empty then $\mathrm{Rad}\,I$ is defined to be $R$.

Definition 5.9 If $Q$ is a primary ideal in a commutative ring $R$, then the radical $P$ of $Q$ is called the associated prime ideal of $Q$. We say that $Q$ is $P$-primary.

Lemma 5.10 Let $R$ be a local ring. Then if $(\mu g)$ is a primary ideal then $(g)$ is a primary ideal.

Proof: Let $ab \in (g)$. We assume that $b \notin (g)$. We need to show that $a^n \in (g)$ for some $n$. We know $(\mu g)$ is a primary ideal by assumption; $\mu g = g + M$ where $M$ is our unique maximal ideal. Since $ab \in (g)$, $\mu(ab) \in (\mu g) \Rightarrow ab + M = (a + M)(b + M) \in (g + M)$. But $(g + M)$ is primary. Hence

\[
\begin{aligned}
(a + M)^k = (a^k + M) &\in (g + M) \\
(a^k + M) &= ug + M \\
a^k - ug &\in M .
\end{aligned}
\]

This implies that $a^k = ug + m$ for some $m \in M$ and $u \in R$. Now let $d$ be the nilpotency of $m$ and we see:

\[
\begin{aligned}
a^{kd} = (ug + m)^d &= gY + m^d \\
&= gY
\end{aligned}
\]

where $d$ is the nilpotency of $m$ and $Y$ is what remains after factoring out a $g$ from the above sum. Hence $a^{kd} \in (g)$, so $(g)$ is primary. ■

Corollary 5.11 Let $R = \mathbb{Z}_{p^k}[x]$, $e \in \mathbb{N}$. Let $g$ be an irreducible non-zero polynomial mod $p$ and $h$ an arbitrary element of $\mathbb{Z}_{p^k}[x]$. Then $(g^e + ph)$ is a primary ideal. In particular, $(g^e + ph)$ is $(g)$-primary.

Proof: Notice that $g^e + ph \bmod p = g^e \bmod p$, which is trivially a primary polynomial. By the above lemma, $g^e + ph$ must be primary. ■

We introduce the next two definitions and theorem for the proof of the main theorem of this section:

Definition 5.12 We say an ideal $C$ of $R$ has a primary decomposition if $C = A_1 \cap A_2 \cap \cdots \cap A_n$ with each $A_i$ a $P_i$-primary ideal of $R$ for some prime ideal $P_i$ of $R$. If no $A_i$ contains $A_1 \cap \cdots \cap A_{i-1} \cap A_{i+1} \cap \cdots \cap A_n$ and if the ideals $P_1, \ldots, P_n$ are distinct then the primary decomposition is said to be reduced.

Definition 5.13 Let $C$, $A_i$, and $P_i$ be as above. If $P_i \not\subseteq P_j$ for all $j \neq i$ then $P_i$ is said to be an isolated prime ideal of $C$.

Theorem 5.14 Let $C$ be an ideal of $R$ with two reduced primary decompositions

\[
A_1 \cap A_2 \cap \cdots \cap A_k = C = A'_1 \cap A'_2 \cap \cdots \cap A'_s
\]

where $A_i$ is $P_i$-primary and $A'_j$ is $P'_j$-primary. Then $k = s$ and (after reordering) $P_i = P'_i$ for $i = 1, 2, \ldots, k$. Furthermore, if $A_i$ and $A'_i$ both are $P_i$-primary and $P_i$ is an isolated prime then $A_i = A'_i$.

The original statement of the theorem and proof can be found in [Hun74]. It is stated originally for $R$-modules, but we view a ring $R$ as an $R$-module over itself and so everything applies naturally.

5.4 The unique factorization theorem

Now we can prove the much anticipated major theorem of this section.

Theorem 5.15 [McD74] Let $f$ be a regular polynomial in $R[x]$. Then

1. $f = \delta g_1 \cdots g_n$ where $\delta$ is a unit and $g_1, \ldots, g_n$ are regular primary coprime polynomials.

2. If $f = \delta g_1 \cdots g_n = \rho h_1 \cdots h_m$ where $\delta$ and $\rho$ are units and $\{g_i\}$ and $\{h_j\}$ are regular primary coprime polynomials then $n = m$ and, after reordering, $(h_i) = (g_i)$, $1 \leq i \leq n$.

Proof: First we prove (1). Let $f$ be regular in $R[x]$. Then $\mu f$ is non-zero. Hence $\mu f = \bar\delta\, \bar g_1^{e_1} \cdots \bar g_n^{e_n}$ where the $\bar g_i$'s are irreducible coprime polynomials in $\mathbb{k}[x]$. In other words, we have projected our polynomial mod $p$ to find its factorization into powers of irreducible coprime polynomials. Now, using Hensel's Lemma, we can find a factorization $f = \delta g_1 \cdots g_n$ where $\mu\delta = \bar\delta$ and $\mu g_i = \bar g_i^{e_i}$. Notice that each $g_i = g^e + ph$ for some irreducible polynomial $g$ and some polynomial $h \in R[x]$. Thus by Lemma 5.10 the $(g_i)$'s and similarly the $(h_i)$'s are primary.

Now we prove (2). Since we have $f = g_1 \cdots g_n = h_1 \cdots h_n$ we have the following series of equations:

\[
\begin{aligned}
(f) &= (g_1 \cdots g_n) = (h_1 \cdots h_n) \\
&= (g_1) \cdots (g_n) = (h_1) \cdots (h_n) .
\end{aligned}
\]

But since the $(g_i)$'s are pairwise comaximal we have that $(g_1)(g_2) \cdots (g_n) = (g_1) \cap (g_2) \cap \cdots \cap (g_n)$, and similarly for the $(h_i)$'s. The underlying prime ideal for each $(g_i) = (g^e + ph)$ is simply $(g)$. Trivially, for $g, h$ distinct irreducible polynomials mod $p$, $(g) \not\subseteq (h)$. Hence, every underlying prime ideal in our product is isolated. Thus, we have found two reduced primary decompositions for $(f)$ in which every $P_i$ is isolated. By Theorem 5.14, after renumbering, the individual ideals must be equal. ■

Thus our factorizations are unique up to ideals.

6 Conclusions and Questions

6.1 Some conclusions

The discriminant of a polynomial determines whether or not it is hard to calculate all of its factorizations mod $p^k$. In all cases we can use a unique factorization modulo $p$ to help find all the factorizations. This information alone is not very helpful. If the prime power we are factoring over is much larger than the discriminant, we can use the correspondence with the $p$-adic integers to form a relatively simple method to solve a system of equations in polynomial time.

If the discriminant is zero, we have difficulty characterizing the factorizations of our polynomials, because we cannot easily lift the factorization. This case results in a complicated system of diophantine equations.

Primary decomposition theory provides us with a nice characterization of the factorizations of a polynomial. Although the factorization of a polynomial is not unique in $\mathbb{Z}_{p^k}[x]$, it is unique up to the ideals generated by the coprime factors. We would like to take advantage of this algebraic situation and come up with an algorithm that exploits it. Unfortunately, all of the known algorithms for the ideal membership problem rely upon a Gröbner basis algorithm, which runs in exponential time.

These results could be applied to the multivariate case were it not for our current inability to lift multivariate factorizations. Applying this in the multivariate case could result in new bounds for polynomials representing boolean functions modulo $n$.

6.2 Questions

We would like to use these results to get bounds on the degree of a polynomial representing a boolean function. This could be done by examining its factorization over the $p$-adics. Unfortunately, these polynomials are all multivariate, and our results do not directly apply. The problem is that when two multivariate polynomials $f, g$ are relatively prime, there do not necessarily exist polynomials $f', g'$ such that $fg' + gf' = 1$. Thus, Hensel's Lemma breaks down. An interesting problem is determining whether or not a multivariate factorization can be lifted and, if so, how. This would provide us with a way to use all of the machinery developed for the univariate case.

It is also unclear how primary decomposition theory can be used, outside of Gröbner basis algorithms, to provide some insight on factorizations. Exploiting this natural algebraic structure seems quite possible.

Is there a feasible way of implementing/verifying Chistov's algorithm for factoring polynomials over $\mathbb{Z}_{(p)}[x]$ in polynomial time? Currently, it seems far beyond what we can implement.
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8  Appendix 

This  Appendix  contains  code  for  the  Mathematica  Symbolic  Computation  Pack¬ 
age.  It  includes  a  function,  CompFactor,  which  takes  as  input  a  polynomial 
in  Z[x\  and  will  produce  a  factorization  mod  n  for  a  specified  composite.  If 
the  polynomial  is  of  the  form  gK  mod  p  for  some  prime  p  dividing  n,  then  the 
algorithm  will  not  compute  a  factorization.  This  case  corresponds  to  the  case 
where  the  discriminant  of  /  is  zero  and  thus  cannot  be  lifted  without  a  tedious 
exponential  time  algorithm.  Otherwise,  the  polynomial  is  factored  into  coprime 
factors  using  Hensel  Lifting  and  the  Chinese  Remainder  Theorem. 


Get  ["NumberTheory'NumberTheoryFunctions* "]  ; 
Get ["Algebra* PolynomialPowerMod* "] ; 

Get  ["Algebra'PolynomialExtendedGCD*"]  ; 


ExtraCoeff [a_List , i_] : = 

If  [a  ==  O, 

(*then*) 

o. 

(♦else*) 

Prepend  [ExtraCoeff  [Rest  [a]  ,i]  ,  Coefficient  [First  [First  [a]]  ,x‘i]] 

] 

ExtraConCoeff [a_List] := 

If  [a  ==  O, 

(♦then*) 

o. 
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(♦else*)  , 

Prepend [ExtraConCoeff  [Rest  [a]  ]  .PolynomialMod [First  [First  [a]]  ,x]  ] 

] 

ExtraModuli [a_List] := 

If  [a  ==  O, 

(♦then*) 

o, 

(♦else*) 

Prepend  [ExtraModuli  [Rest  [a]]  .First  [Rest  [First  [a]]]] 

] 

(*  Given  the  list  {{facl,m_l},{fac2,m_2}}  we  can  reconstruct  the  polynomial 
with  this  decomposition  *) 

ChinesePolyRem[a_List ,n_] := 

Module [{ModuliList ,pp, ResPoly}, 

ModuliList  *  ExtraModuli [a] ; 

For [pp=0,pp<(n+l) ,pp++, 

If  [pp==0 , 

(*  then  *) 

ResPoly=ChineseRemainderTheorem[ExtraConCoeff [a] .ModuliList]  , 

(*  else  *) 

ResPoly  =  (ResPoly  + 

( Chine  seRemainderTheorem [ 

ExtraCoeff [a,pp] .ModuliList] )*x~pp)]] ; 

{ResPoly}] 


(*  This  takes  a  polynomial  f,  its  two  factors  mod  p  (g  and  h)  as  well  as  p 
and  the  degree  to  lift  to  and  produces  a  lifted  factorization  Based 
on  Eric  Bach's  Algorithmic  Number  Theory  book —  see  Bibliography*) 

HenselLif t [f _ , g_ , h_ , p_ , k_] : =Module  [{t ,  a ,  b ,  q ,  u ,  v ,  gg , hh} , 
t=PolynomialExtendedGCD  [g , h , Modulus->p] ; 
a=t  [[2,1]]; 
b=t  [[2,2]]  ; 

gg=g; 

hh=h; 

For  [i=2,i<(k+l) ,i++, 

q=PolynomialMod[(f-gg*hh)*(l/(p"(i-l))) ,p]  ; 
u=PolynomialMod[(q*b) ,g] ; 
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v  =  PolynomialMod[(q*a) ,h] ; 

gg  =  PolynomialMod[(gg  +  ( (p“  (i-1)  )*u))  ,p"i]  ; 
hh  =  PolynomialMod[(hh  +  ((p”(i-l))*v))  ,p~i] ]  ;  {gg,hh}] 


PolyMult  [a_  ,b_]  :  =  (First  [a]  *First  [b] ) 

ProductPoly  [a_]  :=  Fold  [PolyMult  ,{1 , 1> ,  a] 

(*  This  takes  {{pi, ml}, {p2, m2}  ...  }  and  produces  pl*p2*p3. .*pn  *) 
PolyProd[a_]  :  = 

If  [a=={} ,  1  .First  [First  [a]  ]  *PolyProd  [Rest  [a]  ]  ] 

/♦This  creates  a  tuple  of  n  l’s  with  the  irred  polynomial  in  the  kth 
position,  i.e.  {1 , 1 , 1 , irred, 1 , 1 , 1}  It  corresponds  to  an  irreducible  factor 
in  the  product  ring  */ 

Createlrreducible  [irred, ,n_ ,k_,mmlist_] : “Module [{final} , 
final=  {}; 

For  [oo=l , oo<n+l , oo++ , 

If  [oo==k , 

(♦then*) 

AppendTo  [f inal , {irred , mmlist [ [oo] ] }] , 

(♦else*) 

AppendTo  [final ,  {1  .mmlist  [  [oo]  ]  }]  ]  ]  ;  f  inal] 


(*  More  helper  functions  *) 

(*  These  put  factorizations  from  the  FactorList  function  into  a  more 
acceptable  form.  I.e.,  {{x'2+2,3}}  is  translated  as  {(x~2+2) ~3, 1}  *) 


PowerHelp[f_]  :={First  [f] "  (First  [Rest  [f]])  ,1} 

MyFactorList  [f_,p_]  :=Map[PoverHelp, FactorList [f ,Modulus->p]] ; 


(*  This  takes  a  polynomial  f,  a  list  of  its  irreducible  factors  mod  p 
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{{pl,exp},{p2,exp2},{p3,exp3}  ..  }  and  lifts  it  to  a  complete  factorization 
mod  p"k.  n  corresponds  to  the  number  of  irred  factors  *) 

LiftFactors[f_,a_List ,n_,p_,k_] := 

Module  [{productsof  ar  ,TempPolyList  .LiftedList} , 

TempPolyList  *  a; 

If  [(a  [[2 ,2]]  ==  1  kk  Length  [a]  ==  2)  ,{{1 ,  l},{f ,  1», 

(*  else  *) 

If[Length[a]  ==2,  Print  ["Failure"]  , 

(*  else  *) 

LiftedList=-Q ; 

Tempf  «  f ; 

productsofar=PolyProd[a] ; 

AppendTo  [LiftedList ,{1 , 1}]  ; 

TempPolyList  =  Rest [TempPolyList] ; 

Firstfac  =  TempPolyList [[1 , 1]] ; 

Secondfac  =  PolynomialQuotient [productsofar .Firstfac ,x,Modulus->p] ; 

For  [ j  j  =0 . j  j  <n+l ,  j  j  ++ , 

(  Print  [jj]; 

If [Length [TempPolyList] =“i, 

(*  then  *) 

Return [{LiftedList ,p‘k>] , 

(*  else  *) 

With [{FLif tFac  “First  [HenselLif t [Tempf , Firstf  ac , Secondf ac ,p ,k]  ]  , 

SLiftFac  “HenselLif t [Tempf .Firstfac .Secondfac ,p ,k] [[2]]>, 

If  [Length  [TempPolyList]  ==  2,  (*  only  2  factors  to  lift  *) 

(*  then  *) 

(AppendTo  [LiftedList ,  {FLiftFac ,  !)■]  ; 

AppendTo [LiftedList .{SLiftFac , 1}] ) ; 

TempPolyList  =  Rest [TempPolyList] , 

(*  else  *) 

(TempPolyList  =  Rest [TempPolyList] ; 

AppendTo  [LiftedList , {FLiftFac , 1>] ; 

Tempf  =  SLiftFac; 

Firstfac  =  TempPolyList [ [1 , 1] ] ; 

Secondfac  = 

PolynomialQuotient [Secondfac, Firstf ac ,x,Modulus->p]  ;)]]])] ;] ;] 

(* CreateMasterList takes a polynomial f, and a list of factors (fac)
of some modulus. It reduces f by each element of fac and factors it using
previous procedures. Returned is a list of the following type:

{{{{1,1},{x,1},{3+x,1}},5},{{{1,1},{3+x,1},{5+x,1}},7}}

This corresponds to f's factorization mod 5 and mod 7 *)

CreateMasterList[f_, fac_List] :=
  Module[{TempFL, GoalList, n, currentp, currentexp, FacList, t, ii},
    TempFL = fac;
    n = Length[fac];
    GoalList = {};
    For[ii = 0, ii < n, ii++,
      currentp = First[First[TempFL]];
      currentexp = First[Rest[First[TempFL]]];
      (* f must not be a proper power of a single irreducible mod p *)
      If[((FactorList[f, Modulus -> currentp])[[2, 2]] > 1 &&
          Length[FactorList[f, Modulus -> currentp]] == 2), Abort[], Print["Liftable"]];
      FacList = MyFactorList[f, currentp];
      t = Length[FacList];
      If[t == 2,
        (* then: f is irreducible mod p, nothing to lift *)
        AppendTo[GoalList, {{{1, 1}, {FacList[[2, 1]], 1}}, currentp^currentexp}],
        (* else *)
        AppendTo[GoalList, LiftFactors[f, FacList, t, currentp, currentexp]]];
      TempFL = Rest[TempFL]];
    GoalList]

(* FinalList takes the list created by CreateMasterList and expands
everything by converting it into irreducibles of the form (1,1,1,1,f,1,1,1)
and sending it to the poly Chinese remainder theorem. It then reconstructs
the correct factors and spits out our factorization. It gets the length
of this tuple from deg *)

FinalList[Master_List, deg_] :=
  Module[{TMaster, MModuliList, FinalOutput, Outerloop, Innerloop, Inneroutput,
          Innerlist, iii, jj},
    TMaster = Master;
    MModuliList = Map[Last, Master];  (* the prime powers p^k, one per entry *)
    FinalOutput = {};
    Outerloop = Length[Master];
    For[iii = 1, iii < Outerloop + 1, iii++,
      (Inneroutput = {};
       Innerlist = First[First[TMaster]];
       Innerloop = Length[Innerlist];  (* entry 1 is the unit {1, 1}, so jj starts at 2 *)
       For[jj = 2, jj < Innerloop + 1, jj++,
         (AppendTo[Inneroutput,
            First[ChinesePolyRem[
              CreateIrreducible[Innerlist[[jj, 1]], Outerloop, iii, MModuliList], deg]]];
          (* debugging purposes *)
          Print[MModuliList];
          Print[CreateIrreducible[Innerlist[[jj, 1]], Outerloop, iii, MModuliList]];
          Print[ChinesePolyRem[
            CreateIrreducible[Innerlist[[jj, 1]], Outerloop, iii, MModuliList], deg]];)];
       TMaster = Rest[TMaster]);
      AppendTo[FinalOutput, Inneroutput]];
    Flatten[FinalOutput]]

(* This gives the actual factorization. The master function *)
MasterFactor[f_, deg_, n_] :=
  FinalList[CreateMasterList[f, FactorInteger[n]], deg]

(* deg is twice the degree of poly, enough room for every coefficient list handed to the CRT *)
CompFactor[poly_, modd_] :=
  MasterFactor[poly, 2*Exponent[poly, x], modd]
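The gluing step that FinalList performs, written out as an added Python example rather than the paper's Mathematica code (the helper names below are my own, not ChinesePolyRem or CreateIrreducible): each factor found mod 5 or mod 7 is combined with 1 at the other prime by the polynomial Chinese remainder theorem, and the product is checked against f = x^2 + 8x + 15, a constructed polynomial whose factorizations mod 5 and mod 7 are exactly those in the CreateMasterList comment; for contrast it also pairs the mod-5 and mod-7 factors directly, which yields a second, different factorization of f mod 35.

```python
# Added example (not the paper's code). Coefficient lists, lowest degree first; data is constructed.
from functools import reduce
from math import prod

def trim(a):  # drop trailing zero coefficients, keep the constant term
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a

def poly_mul(a, b, n):  # product of two coefficient lists, reduced mod n
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % n
    return trim(out)

def crt_int(residues, moduli):  # integer CRT for pairwise coprime moduli
    N, total = prod(moduli), 0
    for r, m in zip(residues, moduli):
        total += r * (N // m) * pow(N // m, -1, m)  # modular inverse (Python 3.8+)
    return total % N

def crt_poly(components, moduli, deg):
    # Coefficientwise CRT after padding every component to deg entries (the paper's deg).
    padded = [c + [0] * (deg - len(c)) for c in components]
    return trim([crt_int([c[i] for c in padded], moduli) for i in range(deg)])

def irreducibles(factor_lists, moduli, deg):
    # Factor g of f mod m_i -> CRT(1, .., g, .., 1), the paper's (1,1,..,f,..,1) tuple.
    out = []
    for i, flist in enumerate(factor_lists):
        for g in flist:
            tup = [[1]] * len(moduli)
            tup[i] = g
            out.append(crt_poly(tup, moduli, deg))
    return out

def product(factors, n):
    return reduce(lambda acc, g: poly_mul(acc, g, n), factors, [1])

# Constructed instance from the comment's example: f = x^2+8x+15 = x(x+3) mod 5 = (x+3)(x+5) mod 7
F, MODULI, N = [15, 8, 1], [5, 7], 35
FACTOR_LISTS = [[[0, 1], [3, 1]], [[3, 1], [5, 1]]]

def demo():
    # The paper's irreducibles, plus a second factorization of f pairing mod-5 with mod-7 factors.
    irr = irreducibles(FACTOR_LISTS, MODULI, 2 * 2)
    paired = [crt_poly(list(pair), MODULI, 4) for pair in zip(*FACTOR_LISTS)]
    return irr, product(irr, N), paired, product(paired, N)
```

Both products reduce to f mod 35 even though the two factor sets differ, which is the non-uniqueness the paper sets out to characterize.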